81.117.60.163200 OK 0 B URL User Request GET HTTP/1.1 IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Moved Temporarily
Location: https://81.117.60.163/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/core.min.js
104.17.25.14200 OK 1.4 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/core.min.js
IP 104.17.25.14:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (4000), with no line terminators
Hash abf41b90cfce8a00ae5ad60121a92637
957389e39c9133b40daa0225121dcb17a827c9a5
2bb7f063a5afba0172b0d2eef6fb64cdae6bfc2034494bf440019e247f562ac0
GET /ajax/libs/crypto-js/4.1.1/core.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 1425
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-591"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 709128
expires: Mon, 28 Apr 2025 22:27:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sOVb0fsb%2BogcmDDRoSvZSxG3ZGUnIPZsvDIBkmrWMjapG37GrK8y9Eh6qeYpClEVwJJ38lkS2%2Fl%2B2K2tgt7TIbPoh21SIprKwToPMOWZCDD42F7hZB3GR9fAScei5GaEMG3kDEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880ce13998bd568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/md5.min.js
104.17.25.14200 OK 1.1 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/md5.min.js
IP 104.17.25.14:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (3164), with no line terminators
Hash b647bb17c69d16cab8c468acdcabf73e
d7994fb4b0a07a80b2e5399646489c9ba8110a09
75c8916a0f33adfe2322eb8fee978087d5f2b889b44214c41b6928312b0e28c4
GET /ajax/libs/crypto-js/4.1.1/md5.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 1053
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-41d"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 698857
expires: Mon, 28 Apr 2025 22:27:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLfnquRm5bui9mf2e289Q3Z3Bkb5vpIh1GxdZqrGobcOBYu9XWMEpD4Ubbl5x4GOmmGV%2FQmteqk62L99R7SGwug4C2Wz5idcSCMRfr%2B0Nvpri3Gl96DFk3inMyq%2FNZF0nGabhdqC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880ce139a8c6568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.8 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:443
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (21924)
Hash 4885a8b933bd00e9bca87f36668f40d3
ceda22bbb7e6b5c55fa28287d61cdfc448c05ad3
36080a0966a7e1efc753fc067ea97fa1a868af6d60c4108a410341367a8e1b44
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6759
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 01:19:22 GMT
cache-control: max-age=86400
etag: "15864ce88fa79a3e954417d0c3396798"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5ufhat-G-wbODl1-ftE_aqnohQDcKAKh6aqO0pzMUmXgRh_dvhfNvA==
age: 76112
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tags.tiqcdn.com/utag/unisalute/main/prod/utag.sync.js
54.230.111.11200 OK 266 B URL GET HTTP/2 tags.tiqcdn.com/utag/unisalute/main/prod/utag.sync.js
IP 54.230.111.11:443
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
FingerprintC9:35:85:08:90:40:E2:F4:B8:03:14:E3:5B:04:8F:D9:EB:BD:35:61
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
Hash ed145a964cfc50354bac9febb6403a95
543eb023dba854b6b20eedfd4cafc05a647fd47d
ccd09627458b7a6ddd4434001df84fdf7ceeb4fde457fde676df8ecb0f2052de
GET /utag/unisalute/main/prod/utag.sync.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 266
last-modified: Wed, 08 May 2024 12:44:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: wjlMzKvsF7UtOBIzVntt_KvdI5JRojtL
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 22:23:49 GMT
etag: "ed145a964cfc50354bac9febb6403a95"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xvN3dlEuR2I8MqHQs1Fd2tTXd_xRgiT9IKPeDt2gH38I5MomKhLwkg==
age: 246
cache-control: max-age=300
X-Firefox-Spdy: h2
81.117.60.163/it/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
81.117.60.163200 OK 82 kB URL GET HTTP/1.1 81.117.60.163/it/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (2107)
Hash bc56034f7d548de5c2b6e33c3047f88e
40fd6d3052073a3b7de758930f942c6fec3cdf5b
5588624aacaba6fc6a19a621e41cd8c19cc2b2035e29791b2a921183c7700de3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /it/ruxitagentjs_ICA7NVfqrux_10287240325103108.js HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
Content-Encoding: gzip
Expires: Thu, 08 May 2025 22:27:54 GMT
Cache-Control: public, max-age=31536000, immutable
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
Content-Length: 82544
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: text/javascript; charset=utf-8
Set-Cookie: TSa871e10f027=0859b2a892ab2000b20a2603a56e6b34dc53ff00d45a7f5ef74e0232ec06bb489d2d7f2241c98bf808fb5cc2a811300004638d76fe4b2ca07891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/tablet.min.js?v=20230925
81.117.60.163200 OK 0 B URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/tablet.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/tablet.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/tablet.min.js
Content-Length: 0
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-206191452"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200050ab8c2761f38a0a1ac12098f1730a5d780399d482775a5835fbe5628ce5e985087464868b113000670c28613d4f3dae7891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/mobile.min.js?v=20230925
81.117.60.163200 OK 0 B URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/mobile.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/mobile.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/mobile.min.js
Content-Length: 0
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1612805919"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000a7d27af1cc324a268f3c4eb2e4fb298ed5f299d6caa5633dcf3ce3958521e7d6085bba07eb113000257765ab025fa66e7891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/wcm/connect/5358aedc-01ff-4919-a214-95978bfe2628/icon-blue-wallet.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-5358aedc-01ff-4919-a214-95978bfe2628-opavTTD
81.117.60.163200 OK 1.7 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/5358aedc-01ff-4919-a214-95978bfe2628/icon-blue-wallet.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-5358aedc-01ff-4919-a214-95978bfe2628-opavTTD
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 53 x 60, 8-bit/color RGBA, non-interlaced
Hash 96449db9a7cc8c1c2cf9d79814d1e9ef
5319c1b4cc9a5eb70dc24dc4fe70960cc90edbdb
3b14e8150229d3b71ce6d58287d86303eed32717e2705642c7c977628f59dfa6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/5358aedc-01ff-4919-a214-95978bfe2628/icon-blue-wallet.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-5358aedc-01ff-4919-a214-95978bfe2628-opavTTD HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1249900124"
Content-Length: 1714
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1852816113"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20004248771e9acdf404b38ec11ed4f399af8524fad7f19456bdd6109a126584bb7108fcf31a9c113000c3a1c557c7915fe50ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.8 kB URL GET HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:443
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (21924)
Hash 4885a8b933bd00e9bca87f36668f40d3
ceda22bbb7e6b5c55fa28287d61cdfc448c05ad3
36080a0966a7e1efc753fc067ea97fa1a868af6d60c4108a410341367a8e1b44
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6759
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 01:19:22 GMT
cache-control: max-age=86400
etag: "15864ce88fa79a3e954417d0c3396798"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PcWJ2rzLsDaZyNo35hSap72rbgFSLmcHaqcnIRsf3M0CUQuSEUSmkA==
age: 76113
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
81.117.60.163/wcm/connect/b5e582b0-4002-4bfe-bf6d-c01bd54cfd27/LogoUniSaluteBianco_001.png?MOD=AJPERES
81.117.60.163200 OK 7.2 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/b5e582b0-4002-4bfe-bf6d-c01bd54cfd27/LogoUniSaluteBianco_001.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 132 x 38, 8-bit/color RGBA, interlaced
Hash fa35feace7e3864ff1350ef6dd53774c
8497f3b62f4451719ac6a7269909a3b0895d1a99
5df369db39f986b3527cbc4c0f4270d1bc205838f739f0bb1f5880fe4e85001d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/b5e582b0-4002-4bfe-bf6d-c01bd54cfd27/LogoUniSaluteBianco_001.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "984255465"
Content-Length: 7184
Server-Timing: dtSInfo;desc="0", dtRpid;desc="296395056"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200016635fc1326cf2367c16e3e3e88de34dc062b227901fa0ce20e81429c9144ba5084e9c175b1130001dc86353c12d9ded0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/cd16b653-58f6-43c9-a37f-82d682688623/ICONE3.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-cd16b653-58f6-43c9-a37f-82d682688623-o0nMM5C
81.117.60.163200 OK 1.5 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/cd16b653-58f6-43c9-a37f-82d682688623/ICONE3.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-cd16b653-58f6-43c9-a37f-82d682688623-o0nMM5C
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash f9a8f6c343acd8a8ff6af795013fa71d
7b2caf37610dae4fcf3eb91ffe7441e37ed6b577
732fa4a895554e27615ea3e22be3f5fd764a9bf2de9553f82efe45e0cf070aa7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/cd16b653-58f6-43c9-a37f-82d682688623/ICONE3.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-cd16b653-58f6-43c9-a37f-82d682688623-o0nMM5C HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "398668952"
Content-Length: 1530
Server-Timing: dtSInfo;desc="0", dtRpid;desc="826625949"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200025b4e920a0209eba2b0f641c40b1de4b48d446da8906c1f1d35b10e52ef5a52808340d0379113000e706d24750fe98bf0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/475fad23-3572-4f47-b799-3fb74d810e19/icona+servizi+online+e+app.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-475fad23-3572-4f47-b799-3fb74d810e19-nSVAcXI
81.117.60.163200 OK 683 B URL GET HTTP/1.1 81.117.60.163/wcm/connect/475fad23-3572-4f47-b799-3fb74d810e19/icona+servizi+online+e+app.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-475fad23-3572-4f47-b799-3fb74d810e19-nSVAcXI
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash f2d0692e06f184e6045e887d359536c2
98f6d48718277d1825f0aaaee4e743d91b40d219
10ba8b92d4e7805171aa00bf090cac8dcb306612c94ed1b98bc7d00f6240ed79
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/475fad23-3572-4f47-b799-3fb74d810e19/icona+servizi+online+e+app.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-475fad23-3572-4f47-b799-3fb74d810e19-nSVAcXI HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-1181660506"
Content-Length: 683
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2644957"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200007a8186c22f701e3eb5dcf917669bd2d606bd80eaf91a6cf3211bc2d31e74bf508272ee1f11130004504e520a096ab1c0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/d64f049a-4e5f-4697-80de-b1503898b1d8/icon-blue-calendar.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d64f049a-4e5f-4697-80de-b1503898b1d8-opavYwH
81.117.60.163200 OK 2.1 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/d64f049a-4e5f-4697-80de-b1503898b1d8/icon-blue-calendar.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d64f049a-4e5f-4697-80de-b1503898b1d8-opavYwH
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 53 x 60, 8-bit/color RGBA, non-interlaced
Hash d2ddeea02346529c1164a2f5ec2318a9
937bb85e4bf3a503556526aaf157cc7180785145
8c60a96c7e341d2f366d002facbfd7ff792313b3aa02c6550bfbc1a41162e11a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/d64f049a-4e5f-4697-80de-b1503898b1d8/icon-blue-calendar.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d64f049a-4e5f-4697-80de-b1503898b1d8-opavYwH HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1249900841"
Content-Length: 2140
Server-Timing: dtSInfo;desc="0", dtRpid;desc="242182345"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000068d84ac30cea514ea599f9492527cff881d91e4d0b9fd98835f44f61ee429c60807907948113000e3ca2a1eba5c68620ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/lc_lightbox.lite.min.js?v=20230925
81.117.60.163200 OK 101 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/lc_lightbox.lite.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Size 101 kB (100664 bytes)
Hash de6d77a2260dde045abffda1084dc618
55d7e5adf9e79546fc6191aa53312096aac8fd21
9498b71bddf607576497f36c06ce877a91427017181dc24c1753c04c4db341c7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/lc_lightbox.lite.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Mon, 11 Sep 2023 14:27:56 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/lc_lightbox.lite.min.js
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="73686356"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000b0f9e83660487a28c5aed1c36e4972c610c1ef0e71ce31a601860f82ba64d03c080234d2ac1130007131524abcb73a477891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/wcm/connect/b9924ef0-4ddc-4ce2-912f-e49f954e2a76/ICONE5.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-b9924ef0-4ddc-4ce2-912f-e49f954e2a76-oZei3N-
81.117.60.163200 OK 1.4 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/b9924ef0-4ddc-4ce2-912f-e49f954e2a76/ICONE5.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-b9924ef0-4ddc-4ce2-912f-e49f954e2a76-oZei3N-
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 120e26742f0aafa1d3c81a38c05ad18f
f06a5c26fb353802f5b5f9f7cc76024b67a2bb22
69474ff96f5fccd4e31c197421b3a0775b56f3b8b72c3d45c41626948dd88158
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/b9924ef0-4ddc-4ce2-912f-e49f954e2a76/ICONE5.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-b9924ef0-4ddc-4ce2-912f-e49f954e2a76-oZei3N- HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1313389031"
Content-Length: 1351
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1148323818"
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000ac932f3a2ee03db6ab59a18d49eaa37c9f01c42ae4da0222c0de07d8daabaac708a8a2f163113000d53bb5c480c3b6d50ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/wcm.min.css?v=20230925
81.117.60.163200 OK 87 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/wcm.min.css?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 45d2f16751b960616b62c6416b44ae45
984dfe0cb7cbb62926e2ffdb3f219e3d474a3327
e55d20d550865888e45213bda8e2837e9e4ab421996fd7c005b59a7b0a022182
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/wcm.min.css?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/wcm.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1406330483"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20008a0349f02abf161b1467142623f0ff889ae048dee9a736dcd644da3ffec1d404082aa8dc081130002202980eb3c9b0e17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/lc_lightbox.min.css
81.117.60.163200 OK 92 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/lc_lightbox.min.css
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash e1cc51a95cf6635360d2927d9308ebbd
c82244f0adef7141db98c7b6eb6b5712bd1e2d30
ca496170c92aaae6419c03612118d5fcca4be28893b7674eeba488d15dd16ca3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/lc_lightbox.min.css HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/lc_lightbox.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1189186032"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20008d869fd0201751172563d94cfafdf61e307195b021490da2a14113c0bc9d072e0847c2100d113000eea8d9cec5952a267891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163200 OK 220 kB URL User Request GET HTTP/1.1 IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Size 220 kB (219863 bytes)
Hash 57adbf15c6572f54226c6be774f9487b
3cf4cc97862b91694fcdce7311528a2ce92e4a87
d2c83014a552136ec58d3d0da6d749f202895425d3336384f375cdf23c38060d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Location: /it/home/!ut/p/z1/04_Sj9CPykssy0xPLMnMz0vMAfIjo8zi_S3dPQ3dgw0MLEOCnQwCfRwDnCzcjAwN3I30wwkpiAJKG-AAjgZA_VFgJbhMMDCGKsBjRkFuhEGmo6IiAJIe7HQ!/dz/d5/L2dBISEvZ0FBIS9nQSEh/
Pragma: no-cache
Vary: Cookie,User-Agent,Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-526788139"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Language: en
Set-Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; Path=/; Version=1; Secure; Httponly
DigestTracker=AAABj1pR_kI; Path=; Version=1; Secure; Httponly
TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; Path=/
TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533
TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/bootstrap-select.min.css
81.117.60.163200 OK 89 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/bootstrap-select.min.css
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash fe41fd2d0d0de7701e5be939cf4d78a0
0f503f8ab740139e0ad54ce90774082458704343
3ab04c87685509db2c678dda5628cfa9d82de8f86d78eaa9eb49c6c163fe3957
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/bootstrap-select.min.css HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/bootstrap-select.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="851956046"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200012ef7a8ec645e9c2525dbbab65989e602324aa6fcebee1634a582dcc0964b6ee08c3bc023011300057e3f72e61c7987b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/65b58f9c-ae71-4a72-8e17-70735b2ddbec/piano+sanitario.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-65b58f9c-ae71-4a72-8e17-70735b2ddbec-nSVB0dm
81.117.60.163200 OK 1.5 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/65b58f9c-ae71-4a72-8e17-70735b2ddbec/piano+sanitario.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-65b58f9c-ae71-4a72-8e17-70735b2ddbec-nSVB0dm
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 0086634e1a3f8671377e8d974594ebb9
a0adc71b8197babfb9b42002198937571b1819a1
753613e91b2e55c9ee87847d24c5748d4c853ece2e4121d4ae09f577376d8529
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/65b58f9c-ae71-4a72-8e17-70735b2ddbec/piano+sanitario.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-65b58f9c-ae71-4a72-8e17-70735b2ddbec-nSVB0dm HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-1181477282"
Content-Length: 1531
Server-Timing: dtSInfo;desc="0", dtRpid;desc="469646582"
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20007bddd58d4b2436285e9fb759333ec30ac2f30028e1f5f3292aa53b11047a2da608723385ab113000a5ae6535540355250ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/0eab2a2c-1c97-4640-831b-235948ecd07a/ICONE12.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-0eab2a2c-1c97-4640-831b-235948ecd07a-oyhgWEA
81.117.60.163200 OK 1.3 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/0eab2a2c-1c97-4640-831b-235948ecd07a/ICONE12.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-0eab2a2c-1c97-4640-831b-235948ecd07a-oyhgWEA
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 68a184eb35dd4ac27dae47771e5327f6
55e51d4a3796765050d33ab3cc2952f73970a8d9
46eb5f8a66e4af105706ad3239f6483079a34e5c13771872801a2d2beaddb935
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/0eab2a2c-1c97-4640-831b-235948ecd07a/ICONE12.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-0eab2a2c-1c97-4640-831b-235948ecd07a-oyhgWEA HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-1857805663"
Content-Length: 1267
Server-Timing: dtSInfo;desc="0", dtRpid;desc="212643982"
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000b74ceb820c485ec0d2e6162704300779581c0148caaebf7cce12da659e188256083c7fb2d31130003cef44f2675cec010ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/838f91f6-dca1-4464-985d-cd5993ffa63d/LogoUniSaluteColori_001.png?MOD=AJPERES
81.117.60.163200 OK 12 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/838f91f6-dca1-4464-985d-cd5993ffa63d/LogoUniSaluteColori_001.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 200 x 45, 8-bit/color RGB, interlaced
Hash 7600ff1fbb12df71fde34b934b6ef1a4
a49ce3027cdd69baa46687992dbef80a2873a34d
d61106e578238f6abaa65170b9e5cb6a641360dab68df0d063dd2dcf844004a3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/838f91f6-dca1-4464-985d-cd5993ffa63d/LogoUniSaluteColori_001.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1542054189"
Content-Length: 11496
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1524198481"
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200047ad385159dbe6c1bc560f7b15f53ba9991edefab7dcb173868d96af31d4273408f6cf7f9511300017dfdbc9b2986ac20ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/7c50274b-3c86-4332-88b8-717d87501183/ICONE26.png?MOD=AJPERES
81.117.60.163200 OK 430 B URL GET HTTP/1.1 81.117.60.163/wcm/connect/7c50274b-3c86-4332-88b8-717d87501183/ICONE26.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Hash e9ab2ee3f1ed12d1a29e1fd4e9c2fc9d
a9d1d9a1d0b45c6c82f2b1ced8c3b1c523212c0a
327b67a33a0fda39c6bbddfed138592f4f2775be3afb082f057e54644a63cb91
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/7c50274b-3c86-4332-88b8-717d87501183/ICONE26.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1542054188"
Content-Length: 430
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1723848294"
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000af873835ba8a6cfc17b26d0e107b6f5f95ca5f9957c217b458f8e357a8f1af2e08721dae9f113000330faa0100bca2b90ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/0673aacd-7367-4489-bed8-56045ed365ab/ICONE28.png?MOD=AJPERES
81.117.60.163200 OK 465 B URL GET HTTP/1.1 81.117.60.163/wcm/connect/0673aacd-7367-4489-bed8-56045ed365ab/ICONE28.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Hash 5a245c4538c19d226d77cbc2071ca302
d6a1072933641d65f6056746bedbfa373f26645b
c8a551ef1a9e62e3cd4338ea26366fb4e07bbb379f3a9b18311dcb5382b17d70
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/0673aacd-7367-4489-bed8-56045ed365ab/ICONE28.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1542054188"
Content-Length: 465
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1290921759"
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000f2ae95d9bc8545b1ee288b9c5a134e0e5a2c974bf7948ab676f3760ca9caef3d0860ed446b113000d57ead8597112f9b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/3c9ef989-d061-4f29-858e-56500c4d5311/google_play_store_001.png?MOD=AJPERES
81.117.60.163200 OK 8.4 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/3c9ef989-d061-4f29-858e-56500c4d5311/google_play_store_001.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 187 x 51, 8-bit/color RGBA, interlaced
Hash 9c90dd54576069a5ae32a32edcea714b
cab8451c37734d8fbb360249430aa1bad91eb94d
8bf0527ce448de90d59f524087293cd704bfd0249ff7907473ec0b0480e2595f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/3c9ef989-d061-4f29-858e-56500c4d5311/google_play_store_001.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1542054186"
Content-Length: 8386
Server-Timing: dtSInfo;desc="0", dtRpid;desc="301907852"
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000584f9faf3085509ccad0719da668b45abc0923aa0e95d39d05bc3b65d15eb3d808eace0e271130001f34b6d7b8b764150ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/f91688ad-c387-4604-9dc8-fc84c8699085/Logo_InSalute.png?MOD=AJPERES
81.117.60.163200 OK 6.2 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/f91688ad-c387-4604-9dc8-fc84c8699085/Logo_InSalute.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 82 x 33, 8-bit/color RGBA, non-interlaced
Hash 294e02d30befbfbf615c9f70ffbb22ec
a19c7e810c0773d25617d496b03a8b1c7a078394
30f3db2ea133b457f87fa06daa464592c83f685d425a5447cc8548252169486b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/f91688ad-c387-4604-9dc8-fc84c8699085/Logo_InSalute.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1542054188"
Content-Length: 6178
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-103412797"
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20000d51674e4a253fe9344c1f01974a0f77752c1a34500554d55720a372fac4c11f081ffd046b113000edb7b82487264f7f0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/3ef2115c-b658-4d4e-b72a-f0a6816a117d/apple_store_001.png?MOD=AJPERES
81.117.60.163200 OK 8.2 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/3ef2115c-b658-4d4e-b72a-f0a6816a117d/apple_store_001.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 187 x 51, 8-bit/color RGBA, interlaced
Hash 380e8b1f4151dc2ab37486ffd483f2a7
cdca16d008a923e1193a67923c4ebeef8b1badcd
1e2ce08a2cb267be6e20953b2cb73a575c9b14d274d7802c72975d180ac4d693
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/3ef2115c-b658-4d4e-b72a-f0a6816a117d/apple_store_001.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1542054189"
Content-Length: 8216
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-40307349"
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200094bf1ad720ced33547264db70abfa3ae2385009881ca16ac0e4fe06814ce35680887854210113000546b34d4f225d3fc0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/04d66844-3ffe-4195-9c95-96b9da5e4f43/ICONA+IG.png?MOD=AJPERES
81.117.60.163200 OK 3.2 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/04d66844-3ffe-4195-9c95-96b9da5e4f43/ICONA+IG.png?MOD=AJPERES
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Hash e311d5d913b7ecbf514929757811e606
dac19353f77f7afbc7ee1f16484c48dbef3300a9
346cc01e77ec631fa9f4699ded5b4379e6925ab2f785a7ae5d13bda9a483caf4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/04d66844-3ffe-4195-9c95-96b9da5e4f43/ICONA+IG.png?MOD=AJPERES HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1542054189"
Content-Length: 3160
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2024193726"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000bfd08e3245c5da17237b6fcade4c6297616cd6cbd7e746806ff69ed8b01a8e9b083aca0fc51130004ab92c149837578f0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&lm=1693989624000&entry=wp_client_main__0.0%3Ahead_js&entry=wp_client_ext__0.0%3Ahead_js&entry=wp_client_logging__0.0%3Ahead_js&entry=wp_client_tracing__0.0%3Ahead_js&entry=wp_modules__0.0%3Ahead_js&entry=wp_photon_dom__0.0%3Ahead_js&entry=wp_toolbar_common__0.0%3Ahead_js&entry=wp_dialog_util__0.0%3Ahead_js&entry=wp_dialog_draggable__0.0%3Ahead_js&entry=wp_dialog_main__0.0%3Ahead_js&entry=wp_a11y__0.0%3Ahead_js&entry=wp_state_page__0.0%3Ahead_js&entry=wp_client_selector__0.0%3Ahead_js&entry=wp_theme_portal_85__0.0%3Ahead_js&entry=wp_theme_utils__0.0%3Ahead_js&entry=wp_wcm_async__0.0%3Ahead_js&entry=wp_toolbar_viewframe_validator__0.0%3Ahead_js&entry=jquery__3.6.0%3Ahead_js&entry=wp_analytics_aggregator__0.0%3Ahead_js
81.117.60.163200 OK 93 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&lm=1693989624000&entry=wp_client_main__0.0%3Ahead_js&entry=wp_client_ext__0.0%3Ahead_js&entry=wp_client_logging__0.0%3Ahead_js&entry=wp_client_tracing__0.0%3Ahead_js&entry=wp_modules__0.0%3Ahead_js&entry=wp_photon_dom__0.0%3Ahead_js&entry=wp_toolbar_common__0.0%3Ahead_js&entry=wp_dialog_util__0.0%3Ahead_js&entry=wp_dialog_draggable__0.0%3Ahead_js&entry=wp_dialog_main__0.0%3Ahead_js&entry=wp_a11y__0.0%3Ahead_js&entry=wp_state_page__0.0%3Ahead_js&entry=wp_client_selector__0.0%3Ahead_js&entry=wp_theme_portal_85__0.0%3Ahead_js&entry=wp_theme_utils__0.0%3Ahead_js&entry=wp_wcm_async__0.0%3Ahead_js&entry=wp_toolbar_viewframe_validator__0.0%3Ahead_js&entry=jquery__3.6.0%3Ahead_js&entry=wp_analytics_aggregator__0.0%3Ahead_js
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Hash 4a6ae07054abc3bd126149fad6828c43
5e4e244a079a72ec570085bcb922e624baf35560
9002e4dfdcbdcea5a737ca6e0f02d478cab3b2e3e3a62f7f638f3cd1e06db261
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&lm=1693989624000&entry=wp_client_main__0.0%3Ahead_js&entry=wp_client_ext__0.0%3Ahead_js&entry=wp_client_logging__0.0%3Ahead_js&entry=wp_client_tracing__0.0%3Ahead_js&entry=wp_modules__0.0%3Ahead_js&entry=wp_photon_dom__0.0%3Ahead_js&entry=wp_toolbar_common__0.0%3Ahead_js&entry=wp_dialog_util__0.0%3Ahead_js&entry=wp_dialog_draggable__0.0%3Ahead_js&entry=wp_dialog_main__0.0%3Ahead_js&entry=wp_a11y__0.0%3Ahead_js&entry=wp_state_page__0.0%3Ahead_js&entry=wp_client_selector__0.0%3Ahead_js&entry=wp_theme_portal_85__0.0%3Ahead_js&entry=wp_theme_utils__0.0%3Ahead_js&entry=wp_wcm_async__0.0%3Ahead_js&entry=wp_toolbar_viewframe_validator__0.0%3Ahead_js&entry=jquery__3.6.0%3Ahead_js&entry=wp_analytics_aggregator__0.0%3Ahead_js HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: FWMrmLLsjgP_W-CWC_Cfyg
X-DataSource-Digest: 57V0MJHnGWOvb6EWw16YdA
Expires: Thu, 09 May 2024 22:27:54 GMT
Cache-Control: public, max-age=86400
ETag: "1693989624:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Wed, 06 Sep 2023 08:40:22 GMT
Content-Location: /contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/mashup/mashup:cxml/xZXBbqMwEIafhiOBJN2o6m2vK-0pXe3RGsyUGNkeapskSDz82kDSJq0E3UN9sjH_b74Zxh48_9o_nRrGpUDtmAKhk_VDbtAm6-3PzB1Q4W8qW4k2U9MoCsWz2j97MZPQoVnVtu8VnJMNVNg_7h7yPO1biybZcNIOz65_AWkx7TnwAyYby6nBvmkLKXjaN4Zq5O6DuDFQKeg1-TfBl6Z4i-u1i2k5GQyGuMSSqkroajH1pI8L7Qzwr0BP-kjQE80s7WWsr9MJmEuyrcFvB28O5EizktQs-ygN6G-myPSOSBZgGCel6PYSGd_cxzAKx6MZZpHKpRTgDxlrnZCzaR-1AfmdKxZx6QUVFBK_jn21xmJf1Gc-YMcpEFivu1nWIAqkYYzEaR04ZI3_2iztIB1uD6-ejFE7jEXpfWQWt5iLIRL2wMYaMg4ke_wRsE9gAvYfLfYgW4fPQbL3qRV8DMVmf4nKojV679pSUAjjgFAG-LuNw7Uy38CGxUE6NN3rU6ScnLhiYDvNZ8G9chAG7Ms81o-cutZR4OnFgM_9EaQo4b4WP29h03KI45MNYoRUv7Zouv-sx8GbHbe7PEQ0bbXZrnarfKWEvilU0CA7v5dlvpUYrGDJ6QULwyVp4Z3rm9P0D8bJvVg!?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text/javascript&lm=1693989624000&entry=wp_client_main__0.0%3ahead_js&entry=wp_client_ext__0.0%3ahead_js&entry=wp_client_logging__0.0%3ahead_js&entry=wp_client_tracing__0.0%3ahead_js&entry=wp_modules__0.0%3ahead_js&entry=wp_photon_dom__0.0%3ahead_js&entry=wp_toolbar_common__0.0%3ahead_js&entry=wp_dialog_util__0.0%3ahead_js&entry=wp_dialog_draggable__0.0%3ahead_js&entry=wp_dialog_main__0.0%3ahead_js&entry=wp_a11y__0.0%3ahead_js&entry=wp_state_page__0.0%3ahead_js&entry=wp_client_selector__0.0%3ahead_js&entry=wp_theme_portal_85__0.0%3ahead_js&entry=wp_theme_utils__0.0%3ahead_js&entry=wp_wcm_async__0.0%3ahead_js&entry=wp_toolbar_viewframe_validator__0.0%3ahead_js&entry=jquery__3.6.0%3ahead_js&entry=wp_analytics_aggregator__0.0%3ahead_js
Server-Timing: dtSInfo;desc="0", dtRpid;desc="936202769"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Encoding: gzip
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000026031806c2d5e8bb6957f7c87bdcaf89cf505a26e9ca19edcf70c59e02799fe080d39f3c31130005aa143de8b10daac7891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/wcm/connect/18f46f75-394e-4731-b38a-2dfc9e4bd463/hp-unisalute-protezione-sorriso-dentista-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-18f46f75-394e-4731-b38a-2dfc9e4bd463-oW4GDSF
81.117.60.163200 OK 397 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/18f46f75-394e-4731-b38a-2dfc9e4bd463/hp-unisalute-protezione-sorriso-dentista-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-18f46f75-394e-4731-b38a-2dfc9e4bd463-oW4GDSF
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3660x2226, components 3
Size 397 kB (396650 bytes)
Hash 2fe9a42b2c974ec8a35895152dc07775
8d8c3f649e226e1b6a0e5921b79c98af2e2c5d5c
da94930da4191212a769e6aca749916e51a42b098f2fa263f1d4d39c78c250fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/18f46f75-394e-4731-b38a-2dfc9e4bd463/hp-unisalute-protezione-sorriso-dentista-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-18f46f75-394e-4731-b38a-2dfc9e4bd463-oW4GDSF HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2069170671"
Content-Length: 396650
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-489736024"
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20007d22027df207ff00ffe7b7b3766f3fb6bc96942cb6dadcb9c708ee8d22ed56ed086d5c25ce1130006429534273a70b2d0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
tags.tiqcdn.com/utag/unisalute/main/prod/utag.js
54.230.111.11200 OK 332 kB URL GET HTTP/2 tags.tiqcdn.com/utag/unisalute/main/prod/utag.js
IP 54.230.111.11:443
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
FingerprintC9:35:85:08:90:40:E2:F4:B8:03:14:E3:5B:04:8F:D9:EB:BD:35:61
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (13779)
Size 332 kB (332120 bytes)
Hash a5862e6b568d3cb396ef67dc216194c5
1ccb02c74a1f14903cf27adba79f0f52cbd5a38b
ad4ada052df672bfde61fca6e10bb509b0fce34018b9e2b081c3e02a15b4c0aa
GET /utag/unisalute/main/prod/utag.js HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 08 May 2024 12:44:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: KhkNNjjfp3qQlXcCKUwMKfwASMUXKLU4
server: AmazonS3
content-encoding: br
date: Wed, 08 May 2024 22:27:26 GMT
etag: W/"a5862e6b568d3cb396ef67dc216194c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ppEKm2b1rQqy8Dma8n-nXEtb9eO61rn3ZMJQPv-_b-06UUeP9tMEVQ==
age: 30
cache-control: max-age=300
X-Firefox-Spdy: h2
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/mobile.min.css?v=20230925
81.117.60.163200 OK 146 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/mobile.min.css?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Size 146 kB (145685 bytes)
Hash de6551f44fe3af434cd8a0d869a0286b
23ddcb8de1401189cbcef00bde7966216d63983e
295fe9267161f1604e5725c02ef72349e200d259bd9269b93cb337d86d4ac2a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/mobile.min.css?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/mobile.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="581147341"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000d842ba021fe8d14abd652e9f59466ff83ef9ed8d6f102ed7aaa248eb153882a508a2750084113000111708ce169782f87891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/wcm/connect/79b66c3e-d015-4c73-80f9-9ff769758fbf/ICONE32.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-79b66c3e-d015-4c73-80f9-9ff769758fbf-nS0T8fb
81.117.60.163200 OK 4.3 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/79b66c3e-d015-4c73-80f9-9ff769758fbf/ICONE32.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-79b66c3e-d015-4c73-80f9-9ff769758fbf-nS0T8fb
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 187 x 51, 8-bit/color RGBA, non-interlaced
Hash 6e2c583661e12181284d857c888f26fc
f89242ebdbc406f7cc52bb6a86e3871554a8886d
80478f58ee40aa19a71edb23816be71d293a66373aa07d54abeb550fc6861470
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/79b66c3e-d015-4c73-80f9-9ff769758fbf/ICONE32.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-79b66c3e-d015-4c73-80f9-9ff769758fbf-nS0T8fb HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2132974588"
Content-Length: 4252
Server-Timing: dtSInfo;desc="0", dtRpid;desc="22665044"
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000baf09c03a00636d6a3f9ab6daa81811c2a6bb0601936e9620f9799ebee6f6e1008f7531104113000d2504ede6a0cf3b70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/sp/mashup:ra:collection?soffset=0&eoffset=30&themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fcss&lm=1696942526000&entry=wp_toolbar_common__0.0%3Ahead_css&entry=wp_one_ui_303__0.0%3Ahead_css&entry=wp_dialog_css__0.0%3Ahead_css&entry=wp_one_ui_dijit_303__0.0%3Ahead_css&entry=wp_toolbar_logo__0.0%3Ahead_css&entry=wp_tagging_rating_light__0.0%3Ahead_css&entry=wp_theme_portal_edit_85__0.0%3Ahead_css&entry=wp_theme_portal_85__0.0%3Ahead_css&entry=wp_portlet_css__0.0%3Ahead_css&entry=wp_toolbar_common_actionbar__0.0%3Ahead_css&entry=wp_simple_contextmenu_css__0.0%3Ahead_css&entry=wp_toolbar_actionbar__0.0%3Ahead_css&entry=wp_ic4_wai_resources__0.0%3Ahead_css&entry=wp_toolbar_sitepreview__0.0%3Ahead_css&entry=bootstrap__4.6.1%3Ahead_css&entry=wb-module__0.0%3Ahead_css&entry=wp_liveobject_framework__0.0%3Ahead_css&entry=wp_toolbar_moremenu__0.0%3Ahead_css&entry=wp_status_bar__0.0%3Ahead_css&entry=wp_toolbar_projectmenu__0.0%3Ahead_css&entry=slick__0.0%3Ahead_css&entry=wp_oob_sample_styles__0.0%3Ahead_css
81.117.60.163200 OK 243 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/sp/mashup:ra:collection?soffset=0&eoffset=30&themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fcss&lm=1696942526000&entry=wp_toolbar_common__0.0%3Ahead_css&entry=wp_one_ui_303__0.0%3Ahead_css&entry=wp_dialog_css__0.0%3Ahead_css&entry=wp_one_ui_dijit_303__0.0%3Ahead_css&entry=wp_toolbar_logo__0.0%3Ahead_css&entry=wp_tagging_rating_light__0.0%3Ahead_css&entry=wp_theme_portal_edit_85__0.0%3Ahead_css&entry=wp_theme_portal_85__0.0%3Ahead_css&entry=wp_portlet_css__0.0%3Ahead_css&entry=wp_toolbar_common_actionbar__0.0%3Ahead_css&entry=wp_simple_contextmenu_css__0.0%3Ahead_css&entry=wp_toolbar_actionbar__0.0%3Ahead_css&entry=wp_ic4_wai_resources__0.0%3Ahead_css&entry=wp_toolbar_sitepreview__0.0%3Ahead_css&entry=bootstrap__4.6.1%3Ahead_css&entry=wb-module__0.0%3Ahead_css&entry=wp_liveobject_framework__0.0%3Ahead_css&entry=wp_toolbar_moremenu__0.0%3Ahead_css&entry=wp_status_bar__0.0%3Ahead_css&entry=wp_toolbar_projectmenu__0.0%3Ahead_css&entry=slick__0.0%3Ahead_css&entry=wp_oob_sample_styles__0.0%3Ahead_css
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size 243 kB (242574 bytes)
Hash 223db56c7cb02c7798bfadf19f9ca548
ea3e747c92cba705994dedc59a3bfa544a2f66ca
ba587102fb503c432455cfe63c24936b3af76b7c2528bbc0bcb0f59aa3ec75c5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/sp/mashup:ra:collection?soffset=0&eoffset=30&themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fcss&lm=1696942526000&entry=wp_toolbar_common__0.0%3Ahead_css&entry=wp_one_ui_303__0.0%3Ahead_css&entry=wp_dialog_css__0.0%3Ahead_css&entry=wp_one_ui_dijit_303__0.0%3Ahead_css&entry=wp_toolbar_logo__0.0%3Ahead_css&entry=wp_tagging_rating_light__0.0%3Ahead_css&entry=wp_theme_portal_edit_85__0.0%3Ahead_css&entry=wp_theme_portal_85__0.0%3Ahead_css&entry=wp_portlet_css__0.0%3Ahead_css&entry=wp_toolbar_common_actionbar__0.0%3Ahead_css&entry=wp_simple_contextmenu_css__0.0%3Ahead_css&entry=wp_toolbar_actionbar__0.0%3Ahead_css&entry=wp_ic4_wai_resources__0.0%3Ahead_css&entry=wp_toolbar_sitepreview__0.0%3Ahead_css&entry=bootstrap__4.6.1%3Ahead_css&entry=wb-module__0.0%3Ahead_css&entry=wp_liveobject_framework__0.0%3Ahead_css&entry=wp_toolbar_moremenu__0.0%3Ahead_css&entry=wp_status_bar__0.0%3Ahead_css&entry=wp_toolbar_projectmenu__0.0%3Ahead_css&entry=slick__0.0%3Ahead_css&entry=wp_oob_sample_styles__0.0%3Ahead_css HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: FWMrmLLsjgP_W-CWC_Cfyg
X-DataSource-Digest: 57V0MJHnGWOvb6EWw16YdA
Expires: Thu, 09 May 2024 22:27:54 GMT
Cache-Control: public, max-age=86400
ETag: "1696942526:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Tue, 10 Oct 2023 12:55:24 GMT
Content-Location: /contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/sp/mashup:ra:collection?soffset=0&eoffset=30&themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text/css&lm=1696942526000&entry=wp_toolbar_common__0.0%3ahead_css&entry=wp_one_ui_303__0.0%3ahead_css&entry=wp_dialog_css__0.0%3ahead_css&entry=wp_one_ui_dijit_303__0.0%3ahead_css&entry=wp_toolbar_logo__0.0%3ahead_css&entry=wp_tagging_rating_light__0.0%3ahead_css&entry=wp_theme_portal_edit_85__0.0%3ahead_css&entry=wp_theme_portal_85__0.0%3ahead_css&entry=wp_portlet_css__0.0%3ahead_css&entry=wp_toolbar_common_actionbar__0.0%3ahead_css&entry=wp_simple_contextmenu_css__0.0%3ahead_css&entry=wp_toolbar_actionbar__0.0%3ahead_css&entry=wp_ic4_wai_resources__0.0%3ahead_css&entry=wp_toolbar_sitepreview__0.0%3ahead_css&entry=bootstrap__4.6.1%3ahead_css&entry=wb-module__0.0%3ahead_css&entry=wp_liveobject_framework__0.0%3ahead_css&entry=wp_toolbar_moremenu__0.0%3ahead_css&entry=wp_status_bar__0.0%3ahead_css&entry=wp_toolbar_projectmenu__0.0%3ahead_css&entry=slick__0.0%3ahead_css&entry=wp_oob_sample_styles__0.0%3ahead_css
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-425552948"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css; charset=UTF-8
Content-Encoding: gzip
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000ca27c42fd68acf55cdd3301c40bcb6de42b5d1c3c3e7cfe59c111accad456031087e02c6b911300053f217fb82e202e37891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
143.204.55.101 1.9 kB URL widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
IP 143.204.55.101:0
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (4945)
Hash 55b3ceb7ca6978d9dab4e23e8ae678b1
6f1413f542e9056af4ce1d663382850acc7a8ff3
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1930
last-modified: Mon, 08 May 2023 11:42:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 01:31:59 GMT
cache-control: max-age=86400
etag: "1b1a56d9c9fcf8acab07f238231461df"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vwQITkeJQoqA3W2s0dp_jImrVCHXr25TQycWedmKv9HL5miZcIhv2w==
age: 75358
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
143.204.55.101 1.9 kB URL widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
IP 143.204.55.101:0
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (4945)
Hash 55b3ceb7ca6978d9dab4e23e8ae678b1
6f1413f542e9056af4ce1d663382850acc7a8ff3
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1930
last-modified: Mon, 08 May 2023 11:42:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 01:31:59 GMT
cache-control: max-age=86400
etag: "1b1a56d9c9fcf8acab07f238231461df"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W0DoS-031TL9spc3MDAvNE_5Ks3dTfgSSVpl3DOI_L82rTX56VrG9g==
age: 75358
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
81.117.60.163/wcm/connect/7edce6c9-1e82-4959-b2be-78259240d04c/uni-app+%281%29.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7edce6c9-1e82-4959-b2be-78259240d04c-nS0T8fb
81.117.60.163200 OK 100 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/7edce6c9-1e82-4959-b2be-78259240d04c/uni-app+%281%29.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7edce6c9-1e82-4959-b2be-78259240d04c-nS0T8fb
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 460 x 633, 8-bit/color RGBA, non-interlaced
Hash d99ac56a05dc1bb958f883f71f22e7b8
f8d3f5f3bccb2c9dc25f23c59d78bc59bebf8ad5
6d0b37aa3b1f312396e53d4a37ca4725a3e10b0d06a06edccedcb988053f2109
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/7edce6c9-1e82-4959-b2be-78259240d04c/uni-app+%281%29.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7edce6c9-1e82-4959-b2be-78259240d04c-nS0T8fb HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2132974588"
Content-Length: 99907
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-793912439"
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000ca484a875a7e07031d4a2292e977adef325b702fd46a68f97216d5da78ca9fd808eae971b711300081bdd208cca2cba78263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-shopping-cart.svg
81.117.60.163200 OK 1.5 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-shopping-cart.svg
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 1168d4e7cbe8ecdc41689ef88b3e5321
6fdedbffb0c509fd3479d3ce79f05e1b89c30468
1214d0783a409741c1755f5adfefd9bdbe0d7393f94613a0195af4cb288f746d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-shopping-cart.svg HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000834efa97f0092b3dd8a0e1c2b8658efaea17719373ee8bb86239cc5ea8f09826085d3c0ed91130006b10ac7e30979cc30ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h2vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209075762|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: J1X1RLjDuhPdlxM-D8OpJA
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-shopping-cart.svg
Content-Length: 1459
Server-Timing: dtSInfo;desc="0", dtRpid;desc="123471375"
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20000d6bfd640d694636db2e1a0b03c6800f8b032fe1e37cbd0ff87868835d574a3e084560a02f113000d6a25de2f77eb91f8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/63292d6a-8f10-4c9a-92b2-65b79958ade7/perche+sceglierci_2.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-63292d6a-8f10-4c9a-92b2-65b79958ade7-oHgV.0k
81.117.60.163200 OK 172 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/63292d6a-8f10-4c9a-92b2-65b79958ade7/perche+sceglierci_2.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-63292d6a-8f10-4c9a-92b2-65b79958ade7-oHgV.0k
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 25.0 (Macintosh), datetime=2023:09:26 11:29:08], progressive, precision 8, 1216x1795, components 3
Size 172 kB (171662 bytes)
Hash 0dc0740724cb75dbb83be7ab8e868386
4b5f0d206fc3b894653767668533b2acd80ffa66
c19a21622250b4475a2b2170fb7c57131b157b77c2110b60626cfe65bd5d9c3a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/63292d6a-8f10-4c9a-92b2-65b79958ade7/perche+sceglierci_2.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-63292d6a-8f10-4c9a-92b2-65b79958ade7-oHgV.0k HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200016635fc1326cf2367c16e3e3e88de34dc062b227901fa0ce20e81429c9144ba5084e9c175b1130001dc86353c12d9ded0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1722738224"
Content-Length: 171662
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1476988450"
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20002087c05b3ca23ba21cb2f94f7eaa747f7883fe3213a0e879a74b1c62433c21830889412fdd1130007cce26487919adf18263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/main.min.js?v=20230925
81.117.60.163200 OK 261 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/main.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Size 261 kB (260741 bytes)
Hash 7453a00b9e92544a7bd9c40045a1901c
903e7de138686292cbce00aac2e520c37097a07e
71c5bb13e113ed56d05ad01ca405d8686efa88e23b21eafd02b6d813b9e7f951
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/main.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Thu, 18 Jan 2024 14:36:28 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/main.min.js
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2030545673"
Keep-Alive: timeout=60, max=99
Connection: close
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000426285ea57c63ee0b108e8cf6a49fd079d1b3756cc4ff07e747695eb6f6647cc086389be8f113000764ba838e2687e847891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/wcm/connect/2498af88-71cf-47da-9ef3-29fea19c63e4/ICONE12.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-2498af88-71cf-47da-9ef3-29fea19c63e4-oW47ygN
81.117.60.163200 OK 1.3 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/2498af88-71cf-47da-9ef3-29fea19c63e4/ICONE12.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-2498af88-71cf-47da-9ef3-29fea19c63e4-oW47ygN
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 68a184eb35dd4ac27dae47771e5327f6
55e51d4a3796765050d33ab3cc2952f73970a8d9
46eb5f8a66e4af105706ad3239f6483079a34e5c13771872801a2d2beaddb935
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/2498af88-71cf-47da-9ef3-29fea19c63e4/ICONE12.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-2498af88-71cf-47da-9ef3-29fea19c63e4-oW47ygN HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2078368621"
Content-Length: 1267
Server-Timing: dtSInfo;desc="0", dtRpid;desc="313709015"
Keep-Alive: timeout=60, max=93
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20009caa5fbd02141e97bb7d7a96ce2d13a1bfb462bb01b5d993f1625b8da626c63a08db4e8857113000974c7268f005302a8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/minimal.min.css
81.117.60.163200 OK 17 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/minimal.min.css
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (56484)
Hash 8c3b95b846c82c3b4a85fe02c7f4ed5d
77355313218f69fdec554be14d2396abe05746aa
a44ca6d13904478fa0dbc2906d6aa15412c1d52803da858741d81e5606544e3f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/minimal.min.css HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/minimal.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1978930553"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20009e92581d929d8728ebb611cce87ce54b07c1fe5a3bf413b8cda090c3d4b74a7108f2c8d8dd1130003b9ce20604b4e5e57891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron.svg
81.117.60.163200 OK 504 B URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron.svg
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash b481ff442bc09d23d98663d309a4831a
4ab0f9346aa66ffcd12fcc04d4a618913ddb19f8
d2375c5c23e86180a35479cce34b46c6a66ad32f4af49e3ab64231956199c46a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron.svg HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200016635fc1326cf2367c16e3e3e88de34dc062b227901fa0ce20e81429c9144ba5084e9c175b1130001dc86353c12d9ded0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron.svg
Content-Length: 504
Server-Timing: dtSInfo;desc="0", dtRpid;desc="232424587"
Keep-Alive: timeout=60, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200085cf2eb3c55fb5320b9b3cf9386a3c305066318ffc1fb6af1c2ea6b09072765008cd2e4e00113000834c904c781fd5288263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/loading.gif
81.117.60.163200 OK 825 B URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/loading.gif
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type GIF image data, version 89a, 16 x 16
Hash 62c0a6925a589e3eaad809b23c9ec31c
f1b251ce6565f0948c1b6a651fdfbb2b1c81b416
fcdbc127c2e8495d699e3b206607d5ffcc133179897005aec1a0194d2469f7f6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/loading.gif HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20008c413e71fb137468b6c8e6d54c2b871c30bfc9faa6efab57482135d5aeebbbbf08c317eb5f1130009c4794568ea1d89e0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/loading.gif
Content-Length: 825
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1538123533"
Keep-Alive: timeout=60, max=92
Connection: Keep-Alive
Content-Type: image/gif
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20000e316d8eb733b976b19d59a0e3fd183b8fa2abe1e5095a84f1f500b82e3c27cd08b7e7511a1130001151630237a2e7708263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/47aa316e-c58f-45c1-98d5-94e67525c455/portale+d%27adesione.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-47aa316e-c58f-45c1-98d5-94e67525c455-o02DLg6
81.117.60.163200 OK 1.3 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/47aa316e-c58f-45c1-98d5-94e67525c455/portale+d%27adesione.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-47aa316e-c58f-45c1-98d5-94e67525c455-o02DLg6
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Hash 68a184eb35dd4ac27dae47771e5327f6
55e51d4a3796765050d33ab3cc2952f73970a8d9
46eb5f8a66e4af105706ad3239f6483079a34e5c13771872801a2d2beaddb935
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/47aa316e-c58f-45c1-98d5-94e67525c455/portale+d%27adesione.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-47aa316e-c58f-45c1-98d5-94e67525c455-o02DLg6 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "44003097"
Content-Length: 1267
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1017870812"
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20000db9d3b4e021cfd155257e35f1254f5f54d03308399188d80961134c15298e86081e84d1b1113000c25dcacd3aa6bc038263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/alloy_finger.min.js?v=20230925
81.117.60.163200 OK 14 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/alloy_finger.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 405eb03cf172d3c77c798851d5bd8fd0
d5e9c090389ebba734a1fa6881316d7d0ec5ca2b
d9aa0c45a2f84ff22463775f921f47c79c9c76f64de34409834b7aa3c132ecc1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/alloy_finger.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/alloy_finger.min.js
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1983452723"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20007ef0366ad7f7ae17545a6f0ddfc00dd5284da0da0ca787453cd042a1237fc70108f34b4915113000a8eed07ad2f5c05a7891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
143.204.55.101200 OK 16 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b#locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (50929)
Hash ee881e36621624477d03bab184693d7b
b3cbf185ba8c6797ea9b3af9dd04c0c848272a54
86d97a14033933535289ca54a639089c071ac95d4694128d74cbe1ceea3cdfe3
GET /trustboxes/53aa8807dec7e10d38f59f32/main.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 15571
last-modified: Mon, 08 May 2023 11:42:56 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 02:43:47 GMT
cache-control: max-age=86400
etag: "f90daf8c8f47c6afab7d4e27466118b5"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zv3F-C1z8lVvDn5cZDPGE11QBL9DzDmqkKfI0lXN1UpFK-KlYs7-oQ==
age: 71057
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
81.117.60.163/wcm/connect/192107c0-9a8a-42ef-8fbd-bb7dea118fa1/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-192107c0-9a8a-42ef-8fbd-bb7dea118fa1-oNoYdn1
81.117.60.163200 OK 129 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/192107c0-9a8a-42ef-8fbd-bb7dea118fa1/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-192107c0-9a8a-42ef-8fbd-bb7dea118fa1-oNoYdn1
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Size 129 kB (129008 bytes)
Hash 3fe05ed1ecdaf24f5bdcbbe442fea2a9
7ed1ccc7cdd967101c2aa3106ac4328918859f27
f0b5d1e26a52916e9adde8ed7c9a95c9e63e1e221eafe68b93e8eb064bc31a43
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/192107c0-9a8a-42ef-8fbd-bb7dea118fa1/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-192107c0-9a8a-42ef-8fbd-bb7dea118fa1-oNoYdn1 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000648c804b549c60ea6128493213bf6f443d7ac88c86e7022335a7027fb10ecf3608759987e71130006854085c9802f33b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1492209535"
Content-Length: 129008
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-962116536"
Keep-Alive: timeout=60, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20002610a717599541603cdd6a94f9ff083f47e6f273aa180a18af7ab2cee65620c808b02caf59113000c42df3a551063b928263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/08b0bbb2-af2c-4d9c-a72b-d830d5ed451e/map-marker-alt-solid.svg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-08b0bbb2-af2c-4d9c-a72b-d830d5ed451e-oGfeeFL
81.117.60.163200 OK 487 B URL GET HTTP/1.1 81.117.60.163/wcm/connect/08b0bbb2-af2c-4d9c-a72b-d830d5ed451e/map-marker-alt-solid.svg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-08b0bbb2-af2c-4d9c-a72b-d830d5ed451e-oGfeeFL
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 897502be83c34361d96fd099873bd5ce
bb8023395aca91ceee4296d64785cab19d65732d
f60f12a2e91186bc651c32e4524a0fbbbabac9554bc633204e1ace4ac0b0aa3b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/08b0bbb2-af2c-4d9c-a72b-d830d5ed451e/map-marker-alt-solid.svg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-08b0bbb2-af2c-4d9c-a72b-d830d5ed451e-oGfeeFL HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-889555671"
Content-Length: 487
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-543728137"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: unknown/unknown
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200089baa48b23b685f530a339974ec270c2ab47612572954d88657053803628b994085d802f301130002a2210e7ea35e00b8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/8f364586-a918-42ee-b4cc-0b3cdef0d269/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8f364586-a918-42ee-b4cc-0b3cdef0d269-oSN9Kv7
81.117.60.163200 OK 124 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/8f364586-a918-42ee-b4cc-0b3cdef0d269/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8f364586-a918-42ee-b4cc-0b3cdef0d269-oSN9Kv7
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Size 124 kB (123846 bytes)
Hash a425d16caa9f15cba98ad0997591c81c
7edabbf4db2475aa3a946bd574a9501feff5bd52
4f8e069625bcadea87ee7fd4792b1998cdfe5cbe1f63c2f16f7b24ce2895fa1f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/8f364586-a918-42ee-b4cc-0b3cdef0d269/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8f364586-a918-42ee-b4cc-0b3cdef0d269-oSN9Kv7 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000648c804b549c60ea6128493213bf6f443d7ac88c86e7022335a7027fb10ecf3608759987e71130006854085c9802f33b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-1322819559"
Content-Length: 123846
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1170582067"
Keep-Alive: timeout=60, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200002b90bf56e785f2579f5746801592ce028f81b7745856c90c7ae9467ee1f662e08cee91138113000c16aef670cef097b8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/d64e01ae-db33-4b69-b5f9-0cebcf82d690/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d64e01ae-db33-4b69-b5f9-0cebcf82d690-oUJNkg-
81.117.60.163200 OK 111 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/d64e01ae-db33-4b69-b5f9-0cebcf82d690/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d64e01ae-db33-4b69-b5f9-0cebcf82d690-oUJNkg-
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Size 111 kB (110964 bytes)
Hash bc388bbe9ea9d3bf370a68b9368e0881
a9369b674f35a73af1ff689a4a151cd4bed54c0f
116524a26bce1667d925496f4dcf05f8f7eee260fcaf12038051dafefb34bbc2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/d64e01ae-db33-4b69-b5f9-0cebcf82d690/homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-d64e01ae-db33-4b69-b5f9-0cebcf82d690-oUJNkg- HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000648c804b549c60ea6128493213bf6f443d7ac88c86e7022335a7027fb10ecf3608759987e71130006854085c9802f33b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "767934503"
Content-Length: 110964
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2091223013"
Keep-Alive: timeout=60, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20008a49be6ecc085c7231cb76b7c54a415927a63fae92940a288ee4992735688428085eb9b2f6113000d7f57aa7013df5c28263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/0fc4852b-494c-43a6-8799-bb4d9496a6f8/news-homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-0fc4852b-494c-43a6-8799-bb4d9496a6f8-oQcCHNC
81.117.60.163200 OK 139 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/0fc4852b-494c-43a6-8799-bb4d9496a6f8/news-homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-0fc4852b-494c-43a6-8799-bb4d9496a6f8-oQcCHNC
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Size 139 kB (139106 bytes)
Hash 46275419224ec271e2345a45dbe9daf4
0f7b2475289a5187d8ea701c6fbc153f2fbe81a4
0bc88b861e43fed6acfd291d3a475ea90c091ef3b030e07a9f73828f039a0bb5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/0fc4852b-494c-43a6-8799-bb4d9496a6f8/news-homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-0fc4852b-494c-43a6-8799-bb4d9496a6f8-oQcCHNC HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000648c804b549c60ea6128493213bf6f443d7ac88c86e7022335a7027fb10ecf3608759987e71130006854085c9802f33b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "211498866"
Content-Length: 139106
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-388059930"
Keep-Alive: timeout=60, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20004a66e0551b50a96ac98f9446fb90543dba928d1fe7c8e3f79e167e959bbcddf808706b32e7113000b86f4b169c3fa6cc8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-user-guest.svg
81.117.60.163200 OK 859 B URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-user-guest.svg
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash f8925ee4655de79b2bea4144724a02fc
43a800b1b61c699347285d9e74123794824fc890
0b5209720ec25878fecd944b2600bbdedc3e3183734aa61874bdfbbf3a3ccde3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-user-guest.svg HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200094bf1ad720ced33547264db70abfa3ae2385009881ca16ac0e4fe06814ce35680887854210113000546b34d4f225d3fc0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/icon-user-guest.svg
Content-Length: 859
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-799663334"
Keep-Alive: timeout=60, max=100
Connection: Keep-Alive
Content-Type: image/svg+xml
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000dd7d08f8cda2d1e94f05532d739b1a7cf54078348e8efc3c057280271fae254508c81cb3271130000488a8387fed0aad8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/a7c3af39-db98-4104-94b7-51592b2e10a7/news-home.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-a7c3af39-db98-4104-94b7-51592b2e10a7-oLnwzim
81.117.60.163200 OK 144 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/a7c3af39-db98-4104-94b7-51592b2e10a7/news-home.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-a7c3af39-db98-4104-94b7-51592b2e10a7-oLnwzim
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Size 144 kB (143853 bytes)
Hash 692280c6f33e2598f3a9a936441d3e9a
36f8378a190023cd4b4bc25851d74c92cdc8d061
3b47168f614f7f9b7ad0223aa00a6b469eab1bbfeabe394aaed5c812905a3faa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/a7c3af39-db98-4104-94b7-51592b2e10a7/news-home.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-a7c3af39-db98-4104-94b7-51592b2e10a7-oLnwzim HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000648c804b549c60ea6128493213bf6f443d7ac88c86e7022335a7027fb10ecf3608759987e71130006854085c9802f33b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-679302051"
Content-Length: 143853
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-101519380"
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000704a0dc70aa9b55e8f5ad8fad8184bd538ad1c11150e869cf75b01f3df51d9200833936370113000d8491922bbd450f68263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/flatpickr.min.css
81.117.60.163200 OK 75 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/flatpickr.min.css
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash 99110a242a1bdb3828c7a1886bf0ed44
ba7c0ee4ea69c6202b515cc646afbc8b16774c2f
cba87729800cb81fd1a1236edaaa2c8d9a747c0d1cb2f725dcbca90e4b8e17df
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/flatpickr.min.css HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/flatpickr.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1012448503"
Keep-Alive: timeout=60, max=99
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20004e4969eb6a2febc91ff538c019db8da5c1cadbd6a6d9f9b6d2c967a8be0e35a608e3b9226c113000197f8cdc43e800237891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/warning-icon.svg
81.117.60.163200 OK 1.5 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/warning-icon.svg
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 9e407786de3fdce5ba3dc518863dc391
123ab90dd4da490c4e4f93a8b04fbf0d2fddd958
a6c77baf0618085b3a3de0c9eeee7e0366e158b56107bc65b8bb9507cd26f56a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/warning-icon.svg HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20008ce4aa25572e10dbffa2664378a21b4a88182b42a953c75d4370ab2e2173458108026d991711300080b864026cf5aa3b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/warning-icon.svg
Content-Length: 1536
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-791876373"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000d9e269d824e67c6ab257671e26096a84bab22da97b3013eeea9af99c3ea3963808fd71ac16113000c0a608ce37bad5488263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/74ec7cc2-6d59-423e-ab19-dc8515c67e15/sanit%C3%A0-pubblica-news.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-74ec7cc2-6d59-423e-ab19-dc8515c67e15-otb4Wln
81.117.60.163200 OK 83 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/74ec7cc2-6d59-423e-ab19-dc8515c67e15/sanit%C3%A0-pubblica-news.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-74ec7cc2-6d59-423e-ab19-dc8515c67e15-otb4Wln
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Hash 7ab6f83ab09ca23f6ba8eb40c0e69113
4e55c3674be76058a67cb9d2769198b15f36c3f8
a1df55ef8f691d226bd781579d956ecbff6c713729f47369c5dc8ae63c31dc47
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/74ec7cc2-6d59-423e-ab19-dc8515c67e15/sanit%C3%A0-pubblica-news.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-74ec7cc2-6d59-423e-ab19-dc8515c67e15-otb4Wln HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20008ce4aa25572e10dbffa2664378a21b4a88182b42a953c75d4370ab2e2173458108026d991711300080b864026cf5aa3b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1259609893"
Content-Length: 82943
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-467855856"
Keep-Alive: timeout=60, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20000e23aba96ecfa4244dd8bc3c1a51c0a0de9e5ded93535debc5de27d0ab3a18ea0872f78df0113000d8282b834fc4fb418263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/master.png
81.117.60.163200 OK 10 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/master.png
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 95 x 1618, 8-bit/color RGBA, non-interlaced
Hash 598641c8c85502af99fcd64ef17013b1
f20b002d2dd414a7c1cc5cb73919e430ee1bd34b
23ffde8c6d7ae6da6d424c5131470e50d6146075d15db2b80453703b7e89d326
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/master.png HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20008ce4aa25572e10dbffa2664378a21b4a88182b42a953c75d4370ab2e2173458108026d991711300080b864026cf5aa3b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/css/images/master.png
Content-Length: 10119
Server-Timing: dtSInfo;desc="0", dtRpid;desc="112454598"
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000a1292d29ea186626bc9fe858e3c864b6e793a84313d45e31f8b92d9b236324a50884cbe5c61130000cbf1789ffa985588263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/122966b6-07c2-4fa5-b88b-27e4573ad8c7/UniSalute_banner+580x400+personas+insieme.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-122966b6-07c2-4fa5-b88b-27e4573ad8c7-oya-yQm
81.117.60.163200 OK 226 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/122966b6-07c2-4fa5-b88b-27e4573ad8c7/UniSalute_banner+580x400+personas+insieme.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-122966b6-07c2-4fa5-b88b-27e4573ad8c7-oya-yQm
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.4 (Macintosh), datetime=2023:04:27 15:37:04], baseline, precision 8, 580x400, components 3
Size 226 kB (226425 bytes)
Hash b39222260855410075e4b727bcf95985
5cffdb5bb8a5daccd95d5547a85dfd59ccf02532
05037484a97ce783981ba479f0db8a6f51c340cb40c7da6d953a574b92bf072a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/122966b6-07c2-4fa5-b88b-27e4573ad8c7/UniSalute_banner+580x400+personas+insieme.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-122966b6-07c2-4fa5-b88b-27e4573ad8c7-oya-yQm HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20008ce4aa25572e10dbffa2664378a21b4a88182b42a953c75d4370ab2e2173458108026d991711300080b864026cf5aa3b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-1963284042"
Content-Length: 226425
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1459297346"
Keep-Alive: timeout=60, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200080d6dd28d76e236276f0d1ddf3ec56796ae3fac2c7baa1b1b82eceb935826c6208004ec4c1113000630b572ee912641a8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-left-blue.png
81.117.60.163200 OK 16 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-left-blue.png
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 24 x 47, 8-bit/color RGBA, non-interlaced
Hash 6bc94f0e9d5b388789bb766835ca01bf
039060d7505c2c62fd0047405d823ed7bbe33101
b35b6bed8a228b80c83db93ca660dcd12952f3449d884bc7992cab6bb4361c50
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-left-blue.png HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200089baa48b23b685f530a339974ec270c2ab47612572954d88657053803628b994085d802f301130002a2210e7ea35e00b8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h5vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209076358|1715207274800; dtSa=-; AMCV_A69A372A60E55C2A0A495FA6%40AdobeOrg=-1124106680%7CMCIDTS%7C19852%7CvVersion%7C5.2.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: LUOv72S05w1bQKKnfXcslg
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-left-blue.png
Content-Length: 15696
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-495713451"
Keep-Alive: timeout=60, max=89
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200032e0c774e66e3386087725aa46d38e666ae8efa64385b88d857289676424824408d70bc00d11300039b25f96681748218263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=unisalute/main/202405081244&cb=1715207276343
54.230.111.11200 OK 2 B URL GET HTTP/2 tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=unisalute/main/202405081244&cb=1715207276343
IP 54.230.111.11:443
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
FingerprintC9:35:85:08:90:40:E2:F4:B8:03:14:E3:5B:04:8F:D9:EB:BD:35:61
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7bc0ee636b3b83484fc3b9348863bd22
ebbffb7d7ea5362a22bfa1bab0bfdeb1617cd610
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
GET /utag/tiqapp/utag.v.js?a=unisalute/main/202405081244&cb=1715207276343 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 22:22:54 GMT
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fp9BcRAnUw4LjcOu_JVkhQUnqZd43zB3g_rGglUtp827l7mUB4CEzw==
age: 303
cache-control: max-age=300
X-Firefox-Spdy: h2
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-right-blue.png
81.117.60.163200 OK 16 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-right-blue.png
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 24 x 47, 8-bit/color RGBA, non-interlaced
Hash 70f9ad75deff42d7dc4dbd88dd6050ee
e434e9f3ed04bf4b4f9d0ec6740d0e7679c056a1
83cecc239371b6238d4b12ea2d19da24d824f2db44bfc2adaa9ca3b0881875ed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-right-blue.png HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20004a66e0551b50a96ac98f9446fb90543dba928d1fe7c8e3f79e167e959bbcddf808706b32e7113000b86f4b169c3fa6cc8263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h5vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209076358|1715207274800; dtSa=-; AMCV_A69A372A60E55C2A0A495FA6%40AdobeOrg=-1124106680%7CMCIDTS%7C19852%7CvVersion%7C5.2.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: LUOv72S05w1bQKKnfXcslg
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/icons/chevron-right-blue.png
Content-Length: 15673
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1637855380"
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200016a29a6e95624278f0f53a2c741e97bb3cd2cc9896788663977c073cf1cfa5440835ee99d91130003f4f017cb863d9208263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
cdn.cookielaw.org/scripttemplates/otSDKStub.js
104.19.178.52200 OK 6.9 kB URL GET HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (21229)
Hash 0b240efaa8d49be60806096ca5b0ca04
6c0b504ace45134621201b82f0f53d77b0354678
6a2f825beb3b540a044cdb0515177c34497aa2ce92e335bf1498fa42bb5baf88
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:56 GMT
content-type: application/javascript
content-length: 6881
content-encoding: gzip
content-md5: Dw6K+rTuf8kOuPIEBw1QQA==
last-modified: Mon, 06 May 2024 19:45:11 GMT
etag: 0x8DC6E050A941AA8
x-ms-request-id: 7cb9e583-301e-002a-5b98-a0342c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 28594
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880ce1471bbeb529-OSL
X-Firefox-Spdy: h2
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/bootstrap-select.min.js?v=20230925
81.117.60.163200 OK 149 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/bootstrap-select.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Size 149 kB (148889 bytes)
Hash 4c3f40046f8350f4dcbb1e3c88db0953
253eb8ff80649205e73fa8a0c631ccdf873805a7
76529e0b7cbcff1975ce903f7c07810ab4bc9c427ba05f65b92318dd9b441462
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/bootstrap-select.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/bootstrap-select.min.js
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="690165839"
Keep-Alive: timeout=60, max=99
Connection: close
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000b3bd83c2f59e0a598e2ab39814a601d23083fa35291482af1d41aec7e7e511f90894fb924e1130001a27500620dbfd6c7891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
i.ytimg.com/vi/nsThQrM5QkE/mqdefault.jpg
142.250.74.182200 OK 5.8 kB URL GET HTTP/2 i.ytimg.com/vi/nsThQrM5QkE/mqdefault.jpg
IP 142.250.74.182:443
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3
Hash 6bec2dc259eb49ab47ccbca6c75103a8
f69cee9386c0abb809e3da54748e91288fc5663d
718ffa874f075a1b39e12d3fb69f2a091469f31e68bc52524e7dfebab0043757
GET /vi/nsThQrM5QkE/mqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 5795
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 20:47:22 GMT
expires: Wed, 08 May 2024 22:47:22 GMT
cache-control: public, max-age=7200
age: 6034
etag: "0"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/-tmy9RINqeM/mqdefault.jpg
142.250.74.182200 OK 9.2 kB URL GET HTTP/2 i.ytimg.com/vi/-tmy9RINqeM/mqdefault.jpg
IP 142.250.74.182:443
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD2:2C:3D:05:38:12:27:20:C9:64:22:58:3A:99:D5:43:6E:BD:3B:D2
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3
Hash 30da7e9e584ee2e4b91920b655865ff8
dfbec57befed08ea3d84c9e7be9abed63fd2a2b0
deb01b2c6fbe563f7db4dcd37d4f43e41622e0ecdc6302642ea37f918d7f0ccc
GET /vi/-tmy9RINqeM/mqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 9231
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 20:47:22 GMT
expires: Wed, 08 May 2024 22:47:22 GMT
cache-control: public, max-age=7200
age: 6034
etag: "1707320871"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac.json
104.19.178.52200 OK 1.7 kB URL GET HTTP/2 cdn.cookielaw.org/consent/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac.json
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash a71c1f99648b69dabe751e64335dae67
52167ca6e862ce33eaa6be40b4593baab65b5f93
92972d71deced3c0583ece39c0ce5a4f4cd4a87c9fbff4fcd5a49f7c97f0cbbc
GET /consent/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:56 GMT
content-type: application/x-javascript
content-length: 1650
cf-ray: 880ce147caecb4ed-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC295D6AD88EAC
expires: Thu, 09 May 2024 22:27:56 GMT
last-modified: Fri, 09 Feb 2024 10:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: akcxfPmu7CsWmcgOPoINpw==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ddce17c6-001e-0096-1795-983052000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2
blogunisalute.it/wp-content/uploads/2024/04/elettrostimolazione-muscolare.webp
185.19.185.51200 OK 130 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/04/elettrostimolazione-muscolare.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 130 kB (129990 bytes)
Hash a3fc191502286c4650574d67c191e059
0d43b56534fa6f5d6b81aa7d4fb75ea087314357
2e1737670d9f14c8f8d902466e9a15fe149022e0a4b5c4b3cee2326307df4e29
GET /wp-content/uploads/2024/04/elettrostimolazione-muscolare.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 129990
last-modified: Tue, 30 Apr 2024 09:29:21 GMT
etag: "1fbc6-6174d014c0b44"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32
143.204.55.101204 No Content 0 B URL GET HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b#locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 08 May 2024 22:27:56 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BRGxnyhSoNtu5ONATxpso8IWnT-mgVZIPokGDoQoDbra48xITVUpaw==
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxView?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32
143.204.55.101204 No Content 0 B URL GET HTTP/2 widget.trustpilot.com/stats/TrustboxView?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b#locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxView?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 08 May 2024 22:27:56 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nnYPSlgBDN2He6U27Y3IB4c3fcKnyQbqAyJd3Dly1pYUwlpmv0R8Zw==
X-Firefox-Spdy: h2
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&entry=wp_liveobject_framework_core__0.0%3Aconfig_js&entry=wp_liveobject_framework__0.0%3Aconfig_js&entry=wp_one_ui_303__0.0%3Aconfig_js&entry=wp_dialog_main__0.0%3Aconfig_js&entry=wp_tagging_rating_light__0.0%3Aconfig_js&entry=wp_high_contrast__0.0%3Aconfig_js&entry=popper__1.14.7%3Aconfig_js&entry=bootstrap__4.6.1%3Aconfig_js&entry=pre-amd-fix__0.0%3Aconfig_js&entry=wb-module__0.0%3Aconfig_js&entry=wp_state_page_modes__0.0%3Aconfig_js&entry=wp_toolbar_utils__0.0%3Aconfig_js&entry=wp_simple_contextmenu_ext__0.0%3Aconfig_js&entry=wp_simple_contextmenu_js__0.0%3Aconfig_js&entry=wp_toolbar_actionbar__0.0%3Aconfig_js&entry=post-amd-fix__0.0%3Aconfig_js&entry=wp_toolbar_menuactions__0.0%3Aconfig_js&entry=wp_toolbar_sitepreview_menuactions__0.0%3Aconfig_js&entry=wp_ic4_wai_resources__0.0%3Aconfig_js&entry=wp_theme_skin_region__0.0%3Aconfig_js&entry=wp_status_bar__0.0%3Aconfig_js&entry=wp_toolbar_projectmenu__0.0%3Aconfig_js&entry=slick__0.0%3Aconfig_js&entry=wp_toolbar_contextmenu__0.0%3Aconfig_js&entry=wp_toolbar_sitepreview__0.0%3Aconfig_js
81.117.60.163200 OK 253 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&entry=wp_liveobject_framework_core__0.0%3Aconfig_js&entry=wp_liveobject_framework__0.0%3Aconfig_js&entry=wp_one_ui_303__0.0%3Aconfig_js&entry=wp_dialog_main__0.0%3Aconfig_js&entry=wp_tagging_rating_light__0.0%3Aconfig_js&entry=wp_high_contrast__0.0%3Aconfig_js&entry=popper__1.14.7%3Aconfig_js&entry=bootstrap__4.6.1%3Aconfig_js&entry=pre-amd-fix__0.0%3Aconfig_js&entry=wb-module__0.0%3Aconfig_js&entry=wp_state_page_modes__0.0%3Aconfig_js&entry=wp_toolbar_utils__0.0%3Aconfig_js&entry=wp_simple_contextmenu_ext__0.0%3Aconfig_js&entry=wp_simple_contextmenu_js__0.0%3Aconfig_js&entry=wp_toolbar_actionbar__0.0%3Aconfig_js&entry=post-amd-fix__0.0%3Aconfig_js&entry=wp_toolbar_menuactions__0.0%3Aconfig_js&entry=wp_toolbar_sitepreview_menuactions__0.0%3Aconfig_js&entry=wp_ic4_wai_resources__0.0%3Aconfig_js&entry=wp_theme_skin_region__0.0%3Aconfig_js&entry=wp_status_bar__0.0%3Aconfig_js&entry=wp_toolbar_projectmenu__0.0%3Aconfig_js&entry=slick__0.0%3Aconfig_js&entry=wp_toolbar_contextmenu__0.0%3Aconfig_js&entry=wp_toolbar_sitepreview__0.0%3Aconfig_js
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size 253 kB (253115 bytes)
Hash 720a4ab881e1cda1dc905db741e3a3fb
0620b5b63bb4412660abe83f861260e0ca14e97f
1f9bb48b6ecf96728e4a03afeea2cc674f11fa088ec31a1dc46b4fe03af9a268
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&entry=wp_liveobject_framework_core__0.0%3Aconfig_js&entry=wp_liveobject_framework__0.0%3Aconfig_js&entry=wp_one_ui_303__0.0%3Aconfig_js&entry=wp_dialog_main__0.0%3Aconfig_js&entry=wp_tagging_rating_light__0.0%3Aconfig_js&entry=wp_high_contrast__0.0%3Aconfig_js&entry=popper__1.14.7%3Aconfig_js&entry=bootstrap__4.6.1%3Aconfig_js&entry=pre-amd-fix__0.0%3Aconfig_js&entry=wb-module__0.0%3Aconfig_js&entry=wp_state_page_modes__0.0%3Aconfig_js&entry=wp_toolbar_utils__0.0%3Aconfig_js&entry=wp_simple_contextmenu_ext__0.0%3Aconfig_js&entry=wp_simple_contextmenu_js__0.0%3Aconfig_js&entry=wp_toolbar_actionbar__0.0%3Aconfig_js&entry=post-amd-fix__0.0%3Aconfig_js&entry=wp_toolbar_menuactions__0.0%3Aconfig_js&entry=wp_toolbar_sitepreview_menuactions__0.0%3Aconfig_js&entry=wp_ic4_wai_resources__0.0%3Aconfig_js&entry=wp_theme_skin_region__0.0%3Aconfig_js&entry=wp_status_bar__0.0%3Aconfig_js&entry=wp_toolbar_projectmenu__0.0%3Aconfig_js&entry=slick__0.0%3Aconfig_js&entry=wp_toolbar_contextmenu__0.0%3Aconfig_js&entry=wp_toolbar_sitepreview__0.0%3Aconfig_js HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: FWMrmLLsjgP_W-CWC_Cfyg
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Thu, 09 May 2024 22:27:55 GMT
Cache-Control: public, max-age=86400
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/mashup/mashup:cxml/1VdNc5swEP01HG2M7UkzvTm5daaX2G2PGiHWWI6QNPrAzgw_vhJgDImndkkKzQlL3rf73kq7C3D8tv56kIjRHES8B2LQVuEMDkI9IyIUBNFypkAH0WIVasgwN5RscBrucY41UVSa9vYaVE4J_Lyf7nVRZPgYzHEKxf3dcjabFFaDCuZEcANHU2wx0zApCCY7COaaCAmFtDGjZFJIJTyXN8ZS4TTDBRfuH4-bTOAPAnpyRzvMEwZKDy5CcECWosVs0aZudpDBd5FYBjrM6qcztTTMF9PZdOFUmAeRvDgRw3NOKGYiRRmm_Crpyjbc65Cz0woBH5yzwWlKeYoUNv7BaLozV8lLoQxmhFHg5iRhlSSbFU-ePq2IS04GV7JzUZG3Vlhfl4Cj6MVT96jHGjQsZSmkdK4d0QNWnugPTteYWQMbT3htXDJJRV6Hv4RIYqv42tiEirDChnkUffEiquU0o-X9qdzHQhjtZMl-ERp4mC_vIh-k2ZnG1ne2bjjpmvwcZ0kw39Jjv5DN7Wq7Cl0ytzTtbp7DHuJgXuHeF_Ps5xTwLLej898F9L1vwDhTy4nIXFq1hsSv3c_Hh02LgUTaRQAkXTUg58OX05WqKgHljWwwiOEXdzcH72tCsBgrZA1lXd7VH6-Z19tlN2tDR6KvaSYZoNo-A26Re17Nf8veK7ns5f-RtNcfoOgTq_HD_9IZ8dHKBRNDBY-xuqFkGlsvpVmMcR5SuIn_UdOn46sZP53dTpM8pc4fXZWFW_pNy9qnr7UcuWG-S4a_0H5rVUsZ8SZrasCNtJzC4S811ahyjFU_xz0ZSpbogClytIVV5IYxXCO8gha-NB3-PHxUpJ8pdwJSl8Z-5el7v_PxVLp485JiNXrdsy5-tzjNsaUsAdW03wY9xmXtz_2MHK3CaqQvrpuqqrGuKqtZjlFW2oGe3zcoShen-VAuXn0pnDPVGu79XkXHf9-50FZ7tdKB6f8G4106YA!!?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text/javascript&entry=wp_liveobject_framework_core__0.0%3aconfig_js&entry=wp_liveobject_framework__0.0%3aconfig_js&entry=wp_one_ui_303__0.0%3aconfig_js&entry=wp_dialog_main__0.0%3aconfig_js&entry=wp_tagging_rating_light__0.0%3aconfig_js&entry=wp_high_contrast__0.0%3aconfig_js&entry=popper__1.14.7%3aconfig_js&entry=bootstrap__4.6.1%3aconfig_js&entry=pre-amd-fix__0.0%3aconfig_js&entry=wb-module__0.0%3aconfig_js&entry=wp_state_page_modes__0.0%3aconfig_js&entry=wp_toolbar_utils__0.0%3aconfig_js&entry=wp_simple_contextmenu_ext__0.0%3aconfig_js&entry=wp_simple_contextmenu_js__0.0%3aconfig_js&entry=wp_toolbar_actionbar__0.0%3aconfig_js&entry=post-amd-fix__0.0%3aconfig_js&entry=wp_toolbar_menuactions__0.0%3aconfig_js&entry=wp_toolbar_sitepreview_menuactions__0.0%3aconfig_js&entry=wp_ic4_wai_resources__0.0%3aconfig_js&entry=wp_theme_skin_region__0.0%3aconfig_js&entry=wp_status_bar__0.0%3aconfig_js&entry=wp_toolbar_projectmenu__0.0%3aconfig_js&entry=slick__0.0%3aconfig_js&entry=wp_toolbar_contextmenu__0.0%3aconfig_js&entry=wp_toolbar_sitepreview__0.0%3aconfig_js
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-391407098"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Encoding: gzip
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000ffa9ad6b139df79cd13911880eed0b9555398e4f421f3f0aaa1116b4cbd60cad084a62af4811300073df654612b0ee590ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
www.unisalute.it/api/locations/states
81.117.60.163200 OK 131 kB URL OPTIONS HTTP/1.1 www.unisalute.it/api/locations/states
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 131 kB (130740 bytes)
Hash f5e4716e23f24fba0852a9333cea9d4a
c15a0e83917f1a21bd285494d2364c9bf1cab04d
e7940d5db6f2f1eada5d1aad5c0ac46bb8732318ccea7e33e9e828477bf3703f
OPTIONS /api/locations/states HTTP/1.1
Host: www.unisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ibm-client-id,x-ibm-client-secret
Referer: https://81.117.60.163/
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-ibm-client-id,x-ibm-client-secret
Referer: https://81.117.60.163/
Origin: https://81.117.60.163
DNT: 1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
X-Forwarded-For: 91.90.42.154, 172.31.6.152
Via: 1.1 AAAAAIKRl6g-
X-Client-IP: 91.90.42.154
X-Global-Transaction-ID: f257b4c1663bfc6ca9a77da2
Access-Control-Allow-Origin: https://81.117.60.163
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: x-ibm-client-id,x-ibm-client-secret
Vary: Origin
Date: Wed, 08 May 2024 22:27:56 GMT
Content-Encoding: gzip
Content-Security-Policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: widget.trustpilot.com unisalute.demdex.net; connect-src *;
Set-Cookie: TSa871e10f027=0859b2a892ab200015f4afdf9bf3ecc7b7d4533a1869e7faf3aff164f49ee252ad831ad5bd1c293308b05fcb311130000d04256047a83c748263055440d7228a4c9143766f44c3209f22cd83063e5dfb408bb3ebbaa17f4102ad60ea23bd6b11; Path=/
blogunisalute.it/wp-content/uploads/2024/04/magnesio-benefici.webp
185.19.185.51200 OK 159 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/04/magnesio-benefici.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 159 kB (158942 bytes)
Hash 9095518f90a3be31d4468f3c94b6ecc0
9653b3593f4837a07e510374b40ae6f00d72fadc
d93b0ff34fbbaee32eba796ba1766c2f20ecf22329db64b66cb84c774e0e63ef
GET /wp-content/uploads/2024/04/magnesio-benefici.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 158942
last-modified: Tue, 30 Apr 2024 14:08:19 GMT
etag: "26cde-61750e6f604eb"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
104.22.1.204200 OK 261 kB URL GET HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 104.22.1.204:443
Certificate IssuerGoogle Trust Services LLC
Subjectacsbapp.com
FingerprintB2:19:D1:9F:CD:26:C9:40:0D:15:1D:45:7A:72:8B:44:BC:8B:A3:FC
ValidityMon, 22 Apr 2024 04:56:40 GMT - Sun, 21 Jul 2024 04:56:39 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 261 kB (261129 bytes)
Hash 6444aafe6fb5235f1abe3bbc4c601cd3
739ca8ad996693505c87e1d683fe6973c7a07796
f8dc91f5244ac28a3cea99ad5b7056f0f067c70e4d61402a226ae1c3603a7d6c
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:56 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300, must-revalidate
expires: Thu, 08 May 2025 22:27:56 GMT
last-modified: Tue, 23 Apr 2024 14:47:30 GMT
etag: W/"6444aafe6fb5235f1abe3bbc4c601cd3"
x-goog-generation: 1713883650797588
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 309248
x-goog-hash: crc32c=r81Twg==, md5=ZESq/m+1I18avju8TGAc0w==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *
x-guploader-uploadid: ABPtcPoNuwZ6EEOlISbgW1fC9RFOQ_Vmz_xWx9CBL0F4kmW8LWMQTdbarQhypDas1SR1-taQf7EJL_f7yQ
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ce143e8cb56c0-OSL
content-encoding: br
X-Firefox-Spdy: h2
blogunisalute.it/wp-content/uploads/2024/03/sifilide.webp
185.19.185.51200 OK 213 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/03/sifilide.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image
Size 213 kB (212810 bytes)
Hash 80e86a531492f7ed6ecf8b4a662c85dc
a1e4268c7fb7b41ab8c719c3457e045a0d059e57
1655ab4695ab6cbb595eae6d265d168bcd1349b1bcb513c18f83215a71453a65
GET /wp-content/uploads/2024/03/sifilide.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 212810
last-modified: Wed, 27 Mar 2024 08:09:35 GMT
etag: "33f4a-6149fed6cd82c"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.trustpilot.com/stats/TrustboxImpression?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32
143.204.55.101204 No Content 0 B URL GET HTTP/2 widget.trustpilot.com/stats/TrustboxImpression?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b#locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats/TrustboxImpression?locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light&url=https%3A%2F%2F81.117.60.163%2F&referrer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5846a4f30000ff000598ae6b&widgetId=53aa8807dec7e10d38f59f32 HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
cache-control: no-store,no-cache
date: Wed, 08 May 2024 22:27:56 GMT
pragma: no-cache
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D2Jupj_1tyfi7lkb8-P1T0K6GOBHqrXEj_5Mi-P6_Y4RtFcJdyBofg==
X-Firefox-Spdy: h2
blogunisalute.it/wp-content/uploads/2022/12/cistite-maschile.jpg
185.19.185.51200 OK 238 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2022/12/cistite-maschile.jpg
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, PhotometricInterpretation=RGB, description=Attractive middle aged european male in casual drinking water from glass on minimalist kitchen interior during covid-19 pandemi, orientation=upper-left, xresolution=334, yresolution=342, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2021:10:07 01:30:49], baseline, precision 8, 1000x667, components 3
Size 238 kB (237851 bytes)
Hash fa0a22c092607a8bd4a1e7c77927fb11
7afa37f7ed5b7922675b61dcdbb6041d74f8053a
22b304b8dbdd77c3a5101103b7254c109bfe745bf08db490e35f27622573ad0c
GET /wp-content/uploads/2022/12/cistite-maschile.jpg HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-type: image/jpeg
content-length: 237851
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
104.19.178.52200 OK 90 kB URL GET HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65455)
Hash 4fce018ca6cb2e955ecf67e82a6747ce
57ad7d6417f5361bc9b613ad8ac76b10e05ae2ed
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
GET /scripttemplates/6.39.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:57 GMT
content-type: application/javascript
content-length: 90454
content-encoding: gzip
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
etag: 0x8DA87805EB35DE2
x-ms-request-id: 1de4c513-c01e-001f-3408-7c8a87000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 22213
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880ce1494dc2b529-OSL
X-Firefox-Spdy: h2
blogunisalute.it/wp-content/uploads/2024/05/telemedicina-specialistica.webp
185.19.185.51200 OK 259 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/05/telemedicina-specialistica.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 259 kB (258942 bytes)
Hash bffa328fffe2b4cbf6fdbbd9ba912354
ba0da2e9f8de484d6de08a7724e1633af15e4940
b8d9a600f00598f66259100bd57b43380d9a9bbefaa12474350ff07727cf5798
GET /wp-content/uploads/2024/05/telemedicina-specialistica.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 258942
last-modified: Wed, 01 May 2024 18:06:03 GMT
etag: "3f37e-6176856fa0f2b"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
blogunisalute.it/wp-content/uploads/2022/06/lipedema.jpg
185.19.185.51200 OK 315 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2022/06/lipedema.jpg
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=21, height=5464, bps=266, PhotometricInterpretation=RGB, description=Woman siting on couch and holding shin with her hand closeup. Prevention of varicose veins concept, manufacturer=Canon, model=Canon EOS R5, orientation=upper-left, width=2120], baseline, precision 8, 1000x667, components 3
Size 315 kB (314601 bytes)
Hash 913c306b19816bdcb6fea4a436d94918
85dc2c62f002f9db47ddf2a8c201aa5f4c85c0b7
df945685d9ae28b5121651c2453db02ced414837970fa9cb1bb591f69f17af1e
GET /wp-content/uploads/2022/06/lipedema.jpg HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-type: image/jpeg
content-length: 314601
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
accept-ranges: bytes
X-Firefox-Spdy: h2
blogunisalute.it/wp-content/uploads/2024/04/bullismo-cyberbullismo-differenze.webp
185.19.185.51200 OK 266 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/04/bullismo-cyberbullismo-differenze.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 266 kB (265794 bytes)
Hash bebc58ddbbfc2b1aa327b880cf25d6e5
369b643883af181fd76f89a4dec03bad42b3cc55
af4982a6c635d367a4331a678283e9e77a0779d6fb9912633efd402f886e61fe
GET /wp-content/uploads/2024/04/bullismo-cyberbullismo-differenze.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 265794
last-modified: Mon, 29 Apr 2024 14:41:07 GMT
etag: "40e42-6173d3e68dbb4"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac/b4a67ad4-09b8-495b-9dad-893b1fd5230f/it.json
104.19.178.52200 OK 15 kB URL GET HTTP/2 cdn.cookielaw.org/consent/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac/b4a67ad4-09b8-495b-9dad-893b1fd5230f/it.json
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash 5eda0b52cfc8552c2533417df24a5e65
0eeb818faf0ac426b9707c3cda161de7b26e97ec
f4ea3ac454693307669ebfc1e836d6658929c3cc25eba39c8b6e7ab539fe2414
GET /consent/ed7bd3a8-22b5-4f18-8fd3-4a6e43293dac/b4a67ad4-09b8-495b-9dad-893b1fd5230f/it.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://81.117.60.163/
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:57 GMT
content-type: application/x-javascript
content-length: 15286
cf-ray: 880ce14b4dc4b4ed-OSL
cf-cache-status: REVALIDATED
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC295D6B41C889
expires: Thu, 09 May 2024 22:27:57 GMT
last-modified: Fri, 09 Feb 2024 10:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: O3oGOA68HrENdPiji6iYOg==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 460caa4c-e01e-0023-3c8e-a02ea2000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/images/favicon.png
81.117.60.163200 OK 21 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/images/favicon.png
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced
Hash de8781f223392b8b2cadafbb04ff60b6
4f228486cca11b3e62a47b67c4e0fa62df3e3e5d
4441f9fee2dfd79bcc35ae7b86b00b6265b8b9957437bcf28837358bf2b7b07a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/images/favicon.png HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200016a29a6e95624278f0f53a2c741e97bb3cd2cc9896788663977c073cf1cfa5440835ee99d91130003f4f017cb863d9208263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h11vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209077308|1715207274800; dtSa=-; AMCV_A69A372A60E55C2A0A495FA6%40AdobeOrg=-1124106680%7CMCIDTS%7C19852%7CMCMID%7C80160840026274647759101672696933783092%7CMCAID%7CNONE%7CMCOPTOUT-1715214477s%7CNONE%7CvVersion%7C5.2.0; AMCVS_A69A372A60E55C2A0A495FA6%40AdobeOrg=1; gpv_Page=home; s_cc=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:57 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: w8nt_PJ_OBbh5Terw_eicQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:42 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/images/favicon.png
Content-Length: 20939
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1315124613"
Keep-Alive: timeout=60, max=94
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000a5b0cc26320c0d7569ca283307380dba10e036d9a79d469748d0eac652ea28ec08570c538a1130008b4302ec6ada573204f809f5c43deb224fde73fe39645221a96e1f9479967389446a19d310dc41bd234247bc805cf259; Path=/
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
104.18.32.137200 OK 2.7 kB URL GET HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP 104.18.32.137:443
Certificate IssuerCloudflare, Inc.
Subjectonetrust.com
Fingerprint9B:BC:B4:A8:C7:6C:6C:02:0F:FD:9F:06:F2:67:FB:DD:A1:E0:3F:47
ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 12 Nov 2024 23:59:59 GMT
File type New Line Delimited JSON text data
Hash 5ffea1fbb8bd99dc463e13d61016ce3d
84f22186a290f411eacfde9f03f9744de732bbdd
3ad03d8b4b29b9a6da4a2a2c88f887707464860d2144317aeadfd45b56546883
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:56 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880ce148dfe1b50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json
104.19.178.52200 OK 13 kB URL GET HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash 9d4ca396ca71bf92f57d06fdfebd0e8c
42fe83939b31721ca231cd0971c8347586835729
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
GET /scripttemplates/6.39.0/assets/v2/otPcPanel.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://81.117.60.163/
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:57 GMT
content-type: application/json
content-length: 13290
content-encoding: gzip
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
etag: 0x8DA87805AF0078C
x-ms-request-id: 14979f3e-b01e-0083-5f6d-7c27e1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880ce14c7eb8b4ed-OSL
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyCowaiT-IxEIoaXCjL8taSBn1EnHYxrGgU
142.250.74.170200 OK 66 kB URL GET HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyCowaiT-IxEIoaXCjL8taSBn1EnHYxrGgU
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type JavaScript source, ASCII text, with very long lines (10195)
Hash 46216a48bad57cdc8a32fce6608a398a
dfeba149739f599519be1735011531b68d1a77a9
547e53d36551e79e4edcc9fde64c9446ecfd23b713f2d4959d3b33438e4758a6
GET /maps/api/js?key=AIzaSyCowaiT-IxEIoaXCjL8taSBn1EnHYxrGgU HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=1800
timing-allow-origin: *
content-type: text/javascript; charset=UTF-8
vary: Accept-Language, Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 May 2024 22:27:57 GMT
server: scaffolding on HTTPServer2
content-length: 65577
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
104.19.178.52200 OK 8.1 kB URL GET HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash c1398c6f926db871ff7d9eb7f57a2dd4
248e22b162dbb1596c4305a373c34790dceb71b0
37561031f8f8f74481df69d1cbd27d1cdf1e4085d3faa0bc720a078dfc2eeeab
GET /scripttemplates/6.39.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://81.117.60.163/
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:57 GMT
content-type: text/css
content-md5: B55i3ZY9miZIaUrwjufy0w==
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
x-ms-request-id: b84f790e-a01e-0024-6f21-a0d827000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880ce14c7eb9b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
maps.googleapis.com/maps-api-v3/api/js/55/11a/common.js
142.250.74.170200 OK 57 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/11a/common.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type JavaScript source, ASCII text, with very long lines (6677)
Hash 0ac90c644d29fba8c994fe94048d8f0f
61397b721baf4d7eccf7c9ee031049ab0c120632
634485b4948d43183d2a03442b71174f94b8175557fea54cbc5f12c269cafe9d
GET /maps-api-v3/api/js/55/11a/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 56697
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:57:44 GMT
expires: Fri, 02 May 2025 01:57:44 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 592213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/55/11a/map.js
142.250.74.170200 OK 24 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/11a/map.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type JavaScript source, ASCII text, with very long lines (2387)
Hash 29bdb9d33123a21bdd462e8a754339af
32abb15a435f092b47513cb219b0447276242c4b
cbac8b9543e40d26c1fa92add7e17d289040d80e842521acaa4ca92355a708d6
GET /maps-api-v3/api/js/55/11a/map.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 23832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 15:31:59 GMT
expires: Thu, 08 May 2025 15:31:59 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 24958
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps-api-v3/api/js/55/11a/util.js
142.250.74.170200 OK 57 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/11a/util.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type JavaScript source, ASCII text, with very long lines (562)
Hash 782f7162cf27c5599269436cfca43e18
4838bdb9cd5a35d82712aa1c5f183068c04f34fe
9d9d8028f36453616e3ef0ff9190b678b8bc5dfb2b5da1156b415cb013c1c3d8
GET /maps-api-v3/api/js/55/11a/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 56965
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:30 GMT
expires: Sat, 03 May 2025 03:22:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 500727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.170200 OK 23 B URL GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 May 2024 22:27:57 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://81.117.60.163
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/178de1f2/www-widgetapi.vflset/www-widgetapi.js
142.250.74.174200 OK 68 kB URL GET HTTP/3 www.youtube.com/s/player/178de1f2/www-widgetapi.vflset/www-widgetapi.js
IP 142.250.74.174:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (531)
Hash 8c3db74fd4a0352b3a86086ced405a8d
f3d61a450c740f7fd715cb44ef632e5535bf9d74
07cd8a0ea2b5b9fa0845c4f3a17ba1c634b7404c92f8c18012a8d933f59f26a2
GET /s/player/178de1f2/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 68217
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 07:20:53 GMT
expires: Wed, 07 May 2025 07:20:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 07 May 2024 04:18:47 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 140824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
142.250.74.170200 OK 0 B URL OPTIONS HTTP/3 maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
Referer: https://81.117.60.163/
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://81.117.60.163
vary: origin, referer, x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-channel-id,x-goog-maps-client-id,x-user-agent
access-control-max-age: 3600
date: Wed, 08 May 2024 22:27:58 GMT
content-type: text/html
server: scaffolding on HTTPServer2
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i69412&2i47109&2e1&3u9&4m2&1u510&2u600&5m9&1e0&5sen-US&6sus&8m3&1e33&2e3&8e1&10b1&12b1&7s15592a6d401e437&key=AIzaSyCowaiT-IxEIoaXCjL8taSBn1EnHYxrGgU&token=55010
142.250.74.170200 OK 43 kB URL GET HTTP/3 maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i69412&2i47109&2e1&3u9&4m2&1u510&2u600&5m9&1e0&5sen-US&6sus&8m3&1e33&2e3&8e1&10b1&12b1&7s15592a6d401e437&key=AIzaSyCowaiT-IxEIoaXCjL8taSBn1EnHYxrGgU&token=55010
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type PNG image data, 510 x 600, 8-bit colormap, non-interlaced
Hash 4148f3351ba3d794306a6e6942af2bdf
03845d0824aa3f37205f6cdc44f9e592411370ff
82a7d6b71f56e33c954fc71decfde9be446efadb6974630ba05b3847eadd6f85
GET /maps/api/js/StaticMapService.GetMapImage?1m2&1i69412&2i47109&2e1&3u9&4m2&1u510&2u600&5m9&1e0&5sen-US&6sus&8m3&1e33&2e3&8e1&10b1&12b1&7s15592a6d401e437&key=AIzaSyCowaiT-IxEIoaXCjL8taSBn1EnHYxrGgU&token=55010 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/png
date: Wed, 08 May 2024 22:27:58 GMT
expires: Thu, 09 May 2024 22:27:58 GMT
cache-control: public, max-age=86400
server: scaffolding on HTTPServer2
content-length: 42932
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=98
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.googleapis.com/maps/api/mapsjs/mapConfigs:batchGet?map_ids=15592a6d401e437&language=en-US®ion=US&alt=protojson&major_version=55&minor_version=11a
142.250.74.170200 OK 1.5 kB URL GET HTTP/3 maps.googleapis.com/maps/api/mapsjs/mapConfigs:batchGet?map_ids=15592a6d401e437&language=en-US®ion=US&alt=protojson&major_version=55&minor_version=11a
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash ade35c9ccfada2b46941b5c9e2cf1c16
e949b2a49cfa2ca854bbebea16bb6691a2d33159
d3a72300b7450f757411e705fa47613a070d11c575a8742c44dc9efd4c632319
GET /maps/api/mapsjs/mapConfigs:batchGet?map_ids=15592a6d401e437&language=en-US®ion=US&alt=protojson&major_version=55&minor_version=11a HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 May 2024 22:27:58 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 1453
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://81.117.60.163
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.35200 OK 326 B URL GET HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.35:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Wed, 08 May 2024 22:27:58 GMT
expires: Wed, 08 May 2024 22:27:58 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5846a4f30000ff000598ae6b&locale=it-IT
143.204.55.101200 OK 9.4 kB URL GET HTTP/2 widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5846a4f30000ff000598ae6b&locale=it-IT
IP 143.204.55.101:443
Requested by https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b#locale=it-IT&styleHeight=100%25&styleWidth=100%25&theme=light
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type gzip compressed data, max speed, from Unix
Hash 5f59766829ce48cae514c904e9c75464
72291537f60d8191b74ba922d10296b0bab702b6
48793adf61d821a2b46ae888ea89cab2af9d8acf093bd96c9bd4dc596c5f7de6
GET /trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5846a4f30000ff000598ae6b&locale=it-IT HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
content-encoding: gzip
date: Wed, 08 May 2024 22:08:43 GMT
etag: "475c6b277326da2cb8ca78a987e0ada8"
server: Kestrel
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aGwl2e-9fOuWlx8qoauhPJiUpNO5zasL2GZ-0orlIxMD92RZy2oV6A==
age: 1153
X-Firefox-Spdy: h2
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
142.250.74.170200 OK 6.7 kB URL OPTIONS HTTP/3 maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash 53b72857ee8eb59d264093b90ca0253b
ec3817519fbc714fbe9ba29c3ab05573b52de386
3761a5c7ff9d25c8f0ee332d6431601058b6b878be1abca4d0358ca373d4b114
POST /$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyCowaiT-IxEIoaXCjL8taSBn1EnHYxrGgU
Content-Type: application/json+protobuf
X-Goog-Maps-Channel-Id:
X-Goog-Maps-Client-Id:
X-Goog-Maps-API-Salt: rvoaNC8RJZ
X-Goog-Maps-API-Signature: 91008
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 158
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 May 2024 22:27:58 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 6745
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://81.117.60.163
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maps.gstatic.com/mapfiles/api-3/images/icon_error.png
142.250.74.35200 OK 450 B URL GET HTTP/3 maps.gstatic.com/mapfiles/api-3/images/icon_error.png
IP 142.250.74.35:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Hash 8a3a1cfb57bacb095ceaa46f87c13dea
2054fb1471a33e55a2ffdec29dd3dfe63508de15
aa5e91d5c81d9f6a51b7eb4f0325ecee1e716275b483a8fe540aab6792bbd9f4
GET /mapfiles/api-3/images/icon_error.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 450
date: Wed, 08 May 2024 22:27:58 GMT
expires: Wed, 08 May 2024 22:27:58 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
81.117.60.163/it/rb_42fa3696-bbf0-49d8-aeb8-276de7a91dfa?type=js3&flavor=post&vi=ALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0&modifiedSince=1715179239019&rf=https%3A%2F%2F81.117.60.163%2F&bp=3&app=ea7c4b59f27d43eb&crc=2132565209&en=dcpk7pmw&end=1
81.117.60.163200 OK 130 B URL POST HTTP/1.1 81.117.60.163/it/rb_42fa3696-bbf0-49d8-aeb8-276de7a91dfa?type=js3&flavor=post&vi=ALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0&modifiedSince=1715179239019&rf=https%3A%2F%2F81.117.60.163%2F&bp=3&app=ea7c4b59f27d43eb&crc=2132565209&en=dcpk7pmw&end=1
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash eb7cec95669b200f0cffe1fdaa0cbff4
a93ae9a469f99fdc732cbfab819ddbfb5edf0ce3
2e867fad230c8a915feee587c042e20cf7ca814faf583a7912af544f697df116
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /it/rb_42fa3696-bbf0-49d8-aeb8-276de7a91dfa?type=js3&flavor=post&vi=ALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0&modifiedSince=1715179239019&rf=https%3A%2F%2F81.117.60.163%2F&bp=3&app=ea7c4b59f27d43eb&crc=2132565209&en=dcpk7pmw&end=1 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 6862
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000a5b0cc26320c0d7569ca283307380dba10e036d9a79d469748d0eac652ea28ec08570c538a1130008b4302ec6ada573204f809f5c43deb224fde73fe39645221a96e1f9479967389446a19d310dc41bd234247bc805cf259; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=$407274793_883h-vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209078167|1715207274800; dtSa=-; AMCV_A69A372A60E55C2A0A495FA6%40AdobeOrg=-1124106680%7CMCIDTS%7C19852%7CMCMID%7C80160840026274647759101672696933783092%7CMCAID%7CNONE%7CMCOPTOUT-1715214477s%7CNONE%7CvVersion%7C5.2.0; AMCVS_A69A372A60E55C2A0A495FA6%40AdobeOrg=1; gpv_Page=home; s_cc=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:28:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 130
Keep-Alive: timeout=60, max=93
Connection: Keep-Alive
Content-Type: text/plain; charset=utf-8
Set-Cookie: TSa871e10f027=0859b2a892ab2000cdb21c0769bf436ac9791d55ad978b6ce904a20b6867af5d64f52ef2de528d250828e8a35a11300033d19c6be71317e0682adc9f272e55c9487e343c9460ec48260f2cd23841e7f60b12f331040dcf2aae9ed446264e5b2c; Path=/
81.117.60.163/it/rb_42fa3696-bbf0-49d8-aeb8-276de7a91dfa?type=js3&flavor=post&vi=ALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0&modifiedSince=1715179239019&rf=https%3A%2F%2F81.117.60.163%2F&bp=3&app=ea7c4b59f27d43eb&crc=4201660681&en=dcpk7pmw&end=1
81.117.60.163200 OK 130 B URL POST HTTP/1.1 81.117.60.163/it/rb_42fa3696-bbf0-49d8-aeb8-276de7a91dfa?type=js3&flavor=post&vi=ALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0&modifiedSince=1715179239019&rf=https%3A%2F%2F81.117.60.163%2F&bp=3&app=ea7c4b59f27d43eb&crc=4201660681&en=dcpk7pmw&end=1
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash eb7cec95669b200f0cffe1fdaa0cbff4
a93ae9a469f99fdc732cbfab819ddbfb5edf0ce3
2e867fad230c8a915feee587c042e20cf7ca814faf583a7912af544f697df116
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /it/rb_42fa3696-bbf0-49d8-aeb8-276de7a91dfa?type=js3&flavor=post&vi=ALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0&modifiedSince=1715179239019&rf=https%3A%2F%2F81.117.60.163%2F&bp=3&app=ea7c4b59f27d43eb&crc=4201660681&en=dcpk7pmw&end=1 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 26458
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000cdb21c0769bf436ac9791d55ad978b6ce904a20b6867af5d64f52ef2de528d250828e8a35a11300033d19c6be71317e0682adc9f272e55c9487e343c9460ec48260f2cd23841e7f60b12f331040dcf2aae9ed446264e5b2c; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=$407274793_883h-vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209078167|1715207274800; dtSa=-; AMCV_A69A372A60E55C2A0A495FA6%40AdobeOrg=-1124106680%7CMCIDTS%7C19852%7CMCMID%7C80160840026274647759101672696933783092%7CMCAID%7CNONE%7CMCOPTOUT-1715214477s%7CNONE%7CvVersion%7C5.2.0; AMCVS_A69A372A60E55C2A0A495FA6%40AdobeOrg=1; gpv_Page=home; s_cc=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:28:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 130
Keep-Alive: timeout=60, max=92
Connection: Keep-Alive
Content-Type: text/plain; charset=utf-8
Set-Cookie: TSa871e10f027=0859b2a892ab2000287aeca3ccb228c3a231bf89080b59451403033929d41aac9fdc6e0ca8a9b8bd085447f147113000cd0d0165cf9ccaf9ba1fd488fc86485195ba2ecd02966c8fb3aefd7f331763979875e5a8a2541abd42ddeda36373659c; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925
81.117.60.163200 OK 36 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type gzip compressed data, from Unix
Hash e22c94c9db7a48d9026f3488133460ad
b2aa53b4c2380c70de363ed2ceac8662e27753e2
80ce974a72ba457b30afe9748e86e3d0ace5a08fc601bc45f30e65ed3a44b620
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-431708475"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000d6c5da4339a783bb7733ab43cdf2342d67b53ff8a476247a9baa4c8e2dc8254c086d81c026113000aa4a50986f1b63d07891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css?v=20230925
81.117.60.163200 OK 13 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type ASCII text, with very long lines (12802), with no line terminators
Hash d31bd1045d5ed26354ba8d1832c25dd2
8f8527dec27f2b0433062a4f374588dc919a7d2d
783e11d29c344df7da3c8cfe52eabe41af9aee517b102a0d4f53b4d569e92dea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Fri, 01 Dec 2023 13:35:46 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1198189176"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200098088f90690bc90e019f2941a6b118dd4aebd8adc95877c9484903b17faf679008d2049b2411300021f7506dffd1e09e7891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-SemiBold.woff2
81.117.60.163200 OK 86 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-SemiBold.woff2
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 86544, version 7.14548
Hash 59bc8987bcee30f5d2e15a879d54899b
afa9c470c261acc9e259d2c31fa6a8aa9ddd6a89
12e1a9890320276b7c7c6fe95ccf06b7619ded7644e5decc56ff2c7449145301
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-SemiBold.woff2 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
ETag: "1696942526:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Tue, 10 Oct 2023 12:55:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-SemiBold.woff2
Content-Length: 86544
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1695488513"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: application/octet-stream
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20008a362be373bc648a7b0e483fd646b082828ccc501bc438cea63e658afccd634808069db2e0113000b2b601e4d38fdfd40ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
blogunisalute.it/wp-content/uploads/2024/04/salute-mentale-gravidanza-post-parto.webp
185.19.185.51200 OK 131 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/04/salute-mentale-gravidanza-post-parto.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 131 kB (130740 bytes)
Hash f5e4716e23f24fba0852a9333cea9d4a
c15a0e83917f1a21bd285494d2364c9bf1cab04d
e7940d5db6f2f1eada5d1aad5c0ac46bb8732318ccea7e33e9e828477bf3703f
GET /wp-content/uploads/2024/04/salute-mentale-gravidanza-post-parto.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 130740
last-modified: Tue, 30 Apr 2024 13:46:47 GMT
etag: "1feb4-6175099eaded1"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.174200 OK 993 B URL GET HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.174:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File type JavaScript source, ASCII text, with very long lines (1025), with no line terminators
Hash bf32527cd230af77b83139af316be3b9
0ebf1f7b6fd7f1a6d36fc30a63eaadcce15ef18f
0926ae62a8e456842e54069b29a228e3d8129d247ba498c1b35f5aef0e21b739
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Wed, 08 May 2024 22:27:57 GMT
date: Wed, 08 May 2024 22:27:57 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'nonce-AVKZSBntwA0DlmPdD3Z7mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=G5oNPIH8bkk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ltnbUt7IPgM; Domain=.youtube.com; Expires=Mon, 04-Nov-2024 22:27:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMICc%3D; Domain=.youtube.com; Expires=Mon, 04-Nov-2024 22:27:57 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedCorner.json
104.19.178.52200 OK 10 kB URL GET HTTP/2 cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedCorner.json
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash f2f6634ba3dd149165f39759cc7d63da
4eec89b86c945bf1df6e229ad5c80077372fce76
ce26ecdf22dd9987049b1bdc32d7ebdfeb55b26bd607d83a13f31079bcd6e131
GET /scripttemplates/6.39.0/assets/otFloatingRoundedCorner.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://81.117.60.163/
Origin: https://81.117.60.163
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:57 GMT
content-type: application/json
content-length: 2589
content-encoding: gzip
content-md5: p13TEoP21ReF8wWyxhBh0Q==
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
etag: 0x8DA87805A754483
x-ms-request-id: c0cb3764-e01e-0067-4efa-9ff2ce000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880ce14c7eb1b4ed-OSL
X-Firefox-Spdy: h2
81.117.60.163/wcm/connect/eb964471-2a08-4299-b216-a96fba92c6b2/MicrosoftTeams-image+%2813%29.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-eb964471-2a08-4299-b216-a96fba92c6b2-oXD1fDL
81.117.60.163200 OK 31 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/eb964471-2a08-4299-b216-a96fba92c6b2/MicrosoftTeams-image+%2813%29.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-eb964471-2a08-4299-b216-a96fba92c6b2-oXD1fDL
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Hash 9677752993ae96c697fb801bf6061510
eb25ba214d64c580d26aa2750eaad5279a3fd0b7
7c2eca03b6c53ffcdee2ad18ee718f5481b64dba4a70ae087447a781de187ae6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/eb964471-2a08-4299-b216-a96fba92c6b2/MicrosoftTeams-image+%2813%29.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-eb964471-2a08-4299-b216-a96fba92c6b2-oXD1fDL HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-419098683"
Content-Length: 31443
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-109827624"
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000648c804b549c60ea6128493213bf6f443d7ac88c86e7022335a7027fb10ecf3608759987e71130006854085c9802f33b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Regular.woff2
81.117.60.163200 OK 87 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Regular.woff2
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 86900, version 7.14548
Hash e16f24733a7991e6832ed140c2723077
922448f973b90fefd12c2fcddfbf09c536ee4a02
c2b2cb00987bfe82494d234b5de4a36d217d20536e37e1b98423cc64efefca43
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Regular.woff2 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
ETag: "1696942526:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Tue, 10 Oct 2023 12:55:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Regular.woff2
Content-Length: 86900
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-2128053976"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: application/octet-stream
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000bc6f982e894fc7511538d38d4d03f7315c1e6be4b119538b5e5511e86da3ba2a08f0cd301b113000404525f553859c2b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/fonts/Poppins-Light.ttf
81.117.60.163200 OK 146 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/fonts/Poppins-Light.ttf
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type TrueType Font data, 14 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Copyright 2014-2017 Indian Type Foundry (info@indiantypefoundry.com)Poppins LightRegular3.010;IT
Size 146 kB (145936 bytes)
Hash 2a47a29ceb33c966c8d79f8d5a5ea448
987ef3e07d6361fbb658624e297750133f2343bd
bf1a7f964eb1751f56419265ce6650e6476eea7cc6e6573fa57573dcc52b5312
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/fonts/Poppins-Light.ttf HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!57V0MJHnGWOvb6EWw16YdA/sp/mashup:ra:collection?soffset=0&eoffset=30&themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fcss&lm=1696942526000&entry=wp_toolbar_common__0.0%3Ahead_css&entry=wp_one_ui_303__0.0%3Ahead_css&entry=wp_dialog_css__0.0%3Ahead_css&entry=wp_one_ui_dijit_303__0.0%3Ahead_css&entry=wp_toolbar_logo__0.0%3Ahead_css&entry=wp_tagging_rating_light__0.0%3Ahead_css&entry=wp_theme_portal_edit_85__0.0%3Ahead_css&entry=wp_theme_portal_85__0.0%3Ahead_css&entry=wp_portlet_css__0.0%3Ahead_css&entry=wp_toolbar_common_actionbar__0.0%3Ahead_css&entry=wp_simple_contextmenu_css__0.0%3Ahead_css&entry=wp_toolbar_actionbar__0.0%3Ahead_css&entry=wp_ic4_wai_resources__0.0%3Ahead_css&entry=wp_toolbar_sitepreview__0.0%3Ahead_css&entry=bootstrap__4.6.1%3Ahead_css&entry=wb-module__0.0%3Ahead_css&entry=wp_liveobject_framework__0.0%3Ahead_css&entry=wp_toolbar_moremenu__0.0%3Ahead_css&entry=wp_status_bar__0.0%3Ahead_css&entry=wp_toolbar_projectmenu__0.0%3Ahead_css&entry=slick__0.0%3Ahead_css&entry=wp_oob_sample_styles__0.0%3Ahead_css
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
ETag: "1693989624:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Wed, 06 Sep 2023 08:40:22 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/fonts/Poppins-Light.ttf
Content-Length: 145936
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-519807636"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: application/octet-stream
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200091c506f484840dc915823054024677e41a11eca8817f2e8b1ebdb82446a4a82f081d604b23113000f59e3c63dcc736670ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/flatpickr.min.js?v=20230925
81.117.60.163200 OK 51 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/flatpickr.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (50640)
Hash 19f49a9a1665777b11b2004ff4926d92
7d5bfbf9261ed89b9ca842487f7a6464964744b9
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/flatpickr.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/flatpickr.min.js
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-519667744"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!rwIpvDZkKV26JDJjysco_w/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&lm=1710133762269&entry=wp_portal__0.0%3Aconfig_config_static&entry=wcm_config__0.0%3Aconfig_config_static&entry=wcm_inplaceEdit__0.0%3Aconfig_config_static
81.117.60.163200 OK 5.0 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!rwIpvDZkKV26JDJjysco_w/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&lm=1710133762269&entry=wp_portal__0.0%3Aconfig_config_static&entry=wcm_config__0.0%3Aconfig_config_static&entry=wcm_inplaceEdit__0.0%3Aconfig_config_static
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (5247), with no line terminators
Hash 37ef6d71ab92397f91d10b40d7cbb97e
f0d69131135c96c9bb15a14e9b25251891798fe5
b7547362c70417d04182f82e115dcf92b0dcafd883d8b18d5318ad6f47117fdf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!rwIpvDZkKV26JDJjysco_w/mashup/ra:collection?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text%2Fjavascript&lm=1710133762269&entry=wp_portal__0.0%3Aconfig_config_static&entry=wcm_config__0.0%3Aconfig_config_static&entry=wcm_inplaceEdit__0.0%3Aconfig_config_static HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: FWMrmLLsjgP_W-CWC_Cfyg
X-DataSource-Digest: rwIpvDZkKV26JDJjysco_w
Expires: Thu, 09 May 2024 22:27:55 GMT
Cache-Control: public, max-age=86400
ETag: "1710133762:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Mon, 11 Mar 2024 05:09:20 GMT
Content-Location: /contenthandler/!ut/p/digest!rwIpvDZkKV26JDJjysco_w/mashup/mashup:cxml/vU45DsIwEHxNSltRhFCUElo-sdlsjMH2Wj6UFPt4HEGD6KlmNIdmPC8aOazWTLlAsShqQ3_9UsTD3g1gSMbzqe-V1EypG1qt0F5kBZdJCQLeqRsyciSJdXYWlcTED8LyE44JjAcJ3Jyjp47VGyM4utSwOJqQvbaz1xunZ3SApFtC2_DmH_zPtRfgYQHt?themeID=ZJ_20D61B8201QN00QDH275P634H4&locale=en&mime-type=text/javascript&lm=1710133762269&entry=wp_portal__0.0%3aconfig_config_static&entry=wcm_config__0.0%3aconfig_config_static&entry=wcm_inplaceEdit__0.0%3aconfig_config_static
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2055733005"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/javascript; charset=UTF-8
Content-Encoding: gzip
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000bc743563ae53e53f6b7fb47906800b68f9d044496d484b72891a5926b240f7e508efb46ace113000902edbe1ab80f1a90ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/it.min.js?v=20230925
81.117.60.163200 OK 991 B URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/it.min.js?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1099), with no line terminators
Hash 33e489d4c1d13aa5d4ccd85fff0f5c81
c770f982710cc527b30e653ef26e272d4bd5debe
01a1d652c154710b332c3d23db5336ca13d5191ffc8887b3e2a7285548f1b41f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/it.min.js?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/js/it.min.js
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="48500046"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: application/x-javascript
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20006b2fafe79fde7369564c4a52e3606a2c65c7255dff1a4454a8ea3614c716db2c08ac29acfa113000c6645e7337592de20ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/8aac23a3-30db-4f64-88fe-5807e3ef8f91/ICONE33.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8aac23a3-30db-4f64-88fe-5807e3ef8f91-nS0T8fb
81.117.60.163200 OK 3.6 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/8aac23a3-30db-4f64-88fe-5807e3ef8f91/ICONE33.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8aac23a3-30db-4f64-88fe-5807e3ef8f91-nS0T8fb
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 187 x 51, 8-bit/color RGBA, non-interlaced
Hash 1631f00bcff1abbc9c540b41131fc2a2
e8c33a6454010420a4752bc97c0be4b7bf6745b3
b720bde94887845a5e25a4ff186665f6ebdbfdf47a62a1c62aa4cafa81c9f9ff
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/8aac23a3-30db-4f64-88fe-5807e3ef8f91/ICONE33.png?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8aac23a3-30db-4f64-88fe-5807e3ef8f91-nS0T8fb HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2132974588"
Content-Length: 3649
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-331485974"
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000834efa97f0092b3dd8a0e1c2b8658efaea17719373ee8bb86239cc5ea8f09826085d3c0ed91130006b10ac7e30979cc30ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
cdn.cookielaw.org/logos/f4e55eee-e40e-4138-a8df-0e6f62d00be5/a8df9dd7-8230-4156-be04-1ca9db48ca3a/4e2c524f-7496-4957-9e5f-b39377dc217c/LogoUnisalute.png
104.19.178.52200 OK 3.7 kB URL GET HTTP/2 cdn.cookielaw.org/logos/f4e55eee-e40e-4138-a8df-0e6f62d00be5/a8df9dd7-8230-4156-be04-1ca9db48ca3a/4e2c524f-7496-4957-9e5f-b39377dc217c/LogoUnisalute.png
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type PNG image data, 119 x 34, 8-bit/color RGBA, non-interlaced
Hash 8097df54a4a83b3563a7c11e0d989b0a
3fdcd7446fd71601c1724c422fe6baad22efdce3
8a70003743a060f49a0f5668274c28951f691e7ccf521f908cb84c320f3c27f6
GET /logos/f4e55eee-e40e-4138-a8df-0e6f62d00be5/a8df9dd7-8230-4156-be04-1ca9db48ca3a/4e2c524f-7496-4957-9e5f-b39377dc217c/LogoUnisalute.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:57 GMT
content-type: image/png
content-length: 3713
content-md5: gJffVKSoOzVjp8EeDZibCg==
last-modified: Fri, 08 Oct 2021 12:58:19 GMT
etag: 0x8D98A5B4D8BFCF5
x-ms-request-id: 654562aa-701e-0078-5a3b-239a7b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 38482
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880ce14dfa11b529-OSL
X-Firefox-Spdy: h2
81.117.60.163/wcm/connect/7db7cf6f-ea4b-4858-ad2e-15b5fa342400/infografica-news-homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7db7cf6f-ea4b-4858-ad2e-15b5fa342400-oFvndLw
81.117.60.163200 OK 133 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/7db7cf6f-ea4b-4858-ad2e-15b5fa342400/infografica-news-homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7db7cf6f-ea4b-4858-ad2e-15b5fa342400-oFvndLw
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Size 133 kB (132936 bytes)
Hash 7b1ffe71d05d3dca1a2f941b2640bc9b
a38a5ef4ff4151b768dc8e7c5ab7dd404b092d9d
1f064aded13ed18de768d684838c595cbfc3f80185b06615e1e9ed84eaee4dae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/7db7cf6f-ea4b-4858-ad2e-15b5fa342400/infografica-news-homepage.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7db7cf6f-ea4b-4858-ad2e-15b5fa342400-oFvndLw HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20008ce4aa25572e10dbffa2664378a21b4a88182b42a953c75d4370ab2e2173458108026d991711300080b864026cf5aa3b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1599951933"
Content-Length: 132936
Server-Timing: dtSInfo;desc="0", dtRpid;desc="603580290"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000f5c04d8ebb30820be1ae52defaa002dc19736d3500e21d5a22cdb6843c2cc089083151236d113000eef958ec939293a18263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
maps.googleapis.com/maps-api-v3/api/js/55/11a/onion.js
142.250.74.170200 OK 27 kB URL GET HTTP/3 maps.googleapis.com/maps-api-v3/api/js/55/11a/onion.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type JavaScript source, ASCII text, with very long lines (2744)
Hash 63c5e0f65a278cda7bc73c27dc91e99e
8b9a9f324f34ea00655feac14b78f77a35e68651
9067bfc2f5a16257eba025ec1d59e80cfc8e7064843149c9913119541ee1ccfd
GET /maps-api-v3/api/js/55/11a/onion.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
timing-allow-origin: *
content-length: 8982
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 18:28:14 GMT
expires: Fri, 02 May 2025 18:28:14 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Feb 2024 23:41:46 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 532784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
81.117.60.163/unisalutews/rss?maxElem=10
81.117.60.163200 OK 3.3 kB URL GET HTTP/1.1 81.117.60.163/unisalutews/rss?maxElem=10
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3435), with no line terminators
Hash 05175e0fb990917eb3263c68ead259b6
bdc6ab8a3e7150e9ee84a75e4e709eda721513b9
317e5c7958fc989e4e4691f0a3c3c0f9591469b0c762e68381eb7947bd2c3d54
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /unisalutews/rss?maxElem=10 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
x-dtpc: $407274793_883h3vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000834efa97f0092b3dd8a0e1c2b8658efaea17719373ee8bb86239cc5ea8f09826085d3c0ed91130006b10ac7e30979cc30ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h3vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209075902|1715207274800; dtSa=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-654391956"
Keep-Alive: timeout=60, max=95
Connection: close
Content-Type: application/json
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200092b0628fc1f27b457c8770564f1f3d76fac2ad390024a30d12f3317e8bb4e12e086cc84e4b1130004ecb998980483c688263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/wcm/connect/8d0109f7-04a7-46c8-9b18-5d942c949235/donna-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8d0109f7-04a7-46c8-9b18-5d942c949235-oW4HOBm
81.117.60.163200 OK 141 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/8d0109f7-04a7-46c8-9b18-5d942c949235/donna-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8d0109f7-04a7-46c8-9b18-5d942c949235-oW4HOBm
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x493, components 3
Size 141 kB (141287 bytes)
Hash 8599b3ed3518d5a1e2ccb2931ab446fb
612cf1a48de4b7c48712a7bd386b01aad07af220
b1e5a2df35218d03f2f7d83125ce5698201cf31854c41c87fc9730cd0e834f36
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/8d0109f7-04a7-46c8-9b18-5d942c949235/donna-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-8d0109f7-04a7-46c8-9b18-5d942c949235-oW4HOBm HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2068864398"
Content-Length: 141287
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2071337387"
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20001b634d1cfd3ee2f284981e8db56e3f8d0e1eef893029ef0eb69a450e6f849c380886fb41fd1130007c2bbdc19187a8e30ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
143.204.55.101200 OK 6.2 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
IP 143.204.55.101:443
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (6343), with no line terminators
Hash 5b0fbc66fe9c0179359c0fa11d720bcc
886f32a21f051568e8722c7034b7f7d7997b9d86
f8384cfb674af931601e7a98b93132e52d4c2e50204286d841e5a2c5864480ed
GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1930
last-modified: Mon, 08 May 2023 11:42:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 01:31:59 GMT
cache-control: max-age=86400
etag: "1b1a56d9c9fcf8acab07f238231461df"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vwQITkeJQoqA3W2s0dp_jImrVCHXr25TQycWedmKv9HL5miZcIhv2w==
age: 75358
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.cookielaw.org/logos/static/powered_by_logo.svg
104.19.178.52200 OK 5.2 kB URL GET HTTP/2 cdn.cookielaw.org/logos/static/powered_by_logo.svg
IP 104.19.178.52:443
Certificate IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 38b5388f36f8f885deb26afdac0e3116
112eccab1891a3a7cab1c5602ba72c9e127136e0
a8562f11c5a80a5c1c4ab388cfa2a69598203a57a5c67d1f80512bddd80d09ef
GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:27:57 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Mon, 06 May 2024 19:45:14 GMT
x-ms-request-id: 3874c187-b01e-0074-08b1-a0c72f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 13781
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 880ce14dfa13b529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
81.117.60.163/wcm/connect/9c7d9168-ce54-43b5-b9aa-5c5573de1829/uomo-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-9c7d9168-ce54-43b5-b9aa-5c5573de1829-oSsXB8w
81.117.60.163200 OK 135 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/9c7d9168-ce54-43b5-b9aa-5c5573de1829/uomo-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-9c7d9168-ce54-43b5-b9aa-5c5573de1829-oSsXB8w
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x493, components 3
Size 135 kB (135160 bytes)
Hash 04323945e60d18dd7fd1df9824eeb471
cf1070e37687f9bdcbae07854d7d30c79cd2cb9c
51a7778467680dc317180dc81b64e7dfcffc25de11d19679ed55d4435a8e4e7b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/9c7d9168-ce54-43b5-b9aa-5c5573de1829/uomo-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-9c7d9168-ce54-43b5-b9aa-5c5573de1829-oSsXB8w HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2068900742"
Content-Length: 135160
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1227406159"
Keep-Alive: timeout=60, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20008c413e71fb137468b6c8e6d54c2b871c30bfc9faa6efab57482135d5aeebbbbf08c317eb5f1130009c4794568ea1d89e0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/temp-background-bianco.png
81.117.60.163200 OK 12 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/temp-background-bianco.png
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type PNG image data, 704 x 1055, 8-bit/color RGBA, interlaced
Hash 8acbc858607dfd75598b809380bc7f0d
6ce55a11074604e04c163f978e6a2f9541ae47f4
eab187ec6a4e265cc607c32163fc3e1cba51edbfe1821b8259499304df26f63b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/temp-background-bianco.png HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/custom.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200016635fc1326cf2367c16e3e3e88de34dc062b227901fa0ce20e81429c9144ba5084e9c175b1130001dc86353c12d9ded0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:41 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Wed, 06 Sep 2023 08:40:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/images/temp-background-bianco.png
Content-Length: 12283
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-306149293"
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: image/png
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20002b48f354fe2541789c9d3e9066a088a195a217313b2af191128868696dfb5cc90865b8069f11300039818f72a52800978263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Bold.woff2
81.117.60.163200 OK 87 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Bold.woff2
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 86804, version 7.14548
Hash 5d01e6b586c901792ba220af37c171f4
5e15bf15ff929945bd1b140c15da631142fd23ac
294653dc1466dcda027c8ff4d80f7bc8fb074fc0daacab9afde68c1f7646bb1d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Bold.woff2 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
ETag: "1696942526:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Tue, 10 Oct 2023 12:55:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Bold.woff2
Content-Length: 86804
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1448647377"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: application/octet-stream
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000d02146601bdadf6b64c623787a3eac779401adbdbd7f07dbbc80d1ee12dde6b30808b7ed84113000c93cef600fad2b960ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/b4637cd3-0a30-4cf4-b498-03bc9dffd6f7/under30-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-b4637cd3-0a30-4cf4-b498-03bc9dffd6f7-oW4HFE.
81.117.60.163200 OK 158 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/b4637cd3-0a30-4cf4-b498-03bc9dffd6f7/under30-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-b4637cd3-0a30-4cf4-b498-03bc9dffd6f7-oW4HFE.
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x493, components 3
Size 158 kB (158158 bytes)
Hash a24cb098eb99772b591a930db61dc515
13a861641d2ef2be378b0ef023fa37c632ef15df
df18b8619042835b512d56e366eaccf4819d0e7717c9f9ebb503ede52c48e69c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/b4637cd3-0a30-4cf4-b498-03bc9dffd6f7/under30-primavera.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-b4637cd3-0a30-4cf4-b498-03bc9dffd6f7-oW4HFE. HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-2068900525"
Content-Length: 158158
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1991016980"
Keep-Alive: timeout=60, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000365768445ecf489f0a017eaf7b65d885b6a71c5e35fafcecfffd747b71bdc81108feca8f131130003ec6b528ae79a19a0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/wcm/connect/44bd8765-7923-4ca1-8325-f784d15d7a64/infografica-hp-cs-.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-44bd8765-7923-4ca1-8325-f784d15d7a64-oya.x4e
81.117.60.163200 OK 72 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/44bd8765-7923-4ca1-8325-f784d15d7a64/infografica-hp-cs-.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-44bd8765-7923-4ca1-8325-f784d15d7a64-oya.x4e
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 580x400, components 3
Hash 2e8320f5a995b336612cd0872f932669
87917ed92631a4faac332b299c17a56f91210b0b
e9ada8d61b494a963ed464ddd3cf8c5bf6b2ace3fb11133a0c7c4cf4d50d15bf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/44bd8765-7923-4ca1-8325-f784d15d7a64/infografica-hp-cs-.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-44bd8765-7923-4ca1-8325-f784d15d7a64-oya.x4e HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab20008ce4aa25572e10dbffa2664378a21b4a88182b42a953c75d4370ab2e2173458108026d991711300080b864026cf5aa3b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:56 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "-1963029904"
Content-Length: 71705
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-543443633"
Keep-Alive: timeout=60, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab200042127d6520d0e4d3250bc3859ebe618aea90f1d9a8dbcd2755e07a4e6b5dfddd08a8e1ebd11130006ab40301928abf288263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
81.117.60.163/unisalutews/socialWall?fbSeq=10&ytSeq=8&twSeq=9&liSeq=0&igSeq=1
81.117.60.163200 OK 554 B URL GET HTTP/1.1 81.117.60.163/unisalutews/socialWall?fbSeq=10&ytSeq=8&twSeq=9&liSeq=0&igSeq=1
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (608), with no line terminators
Hash 542d5e7b7ea594668691b2af09a68549
e7ab658b56e64bd6e4cb7ef1564907caf9a3f715
be83882b7bd688e5cf78b0d11edae6e8d70f9d1a1cac56b17f993705afe1c484
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /unisalutews/socialWall?fbSeq=10&ytSeq=8&twSeq=9&liSeq=0&igSeq=1 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
x-dtpc: $407274793_883h4vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000834efa97f0092b3dd8a0e1c2b8658efaea17719373ee8bb86239cc5ea8f09826085d3c0ed91130006b10ac7e30979cc30ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h4vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209075917|1715207274800; dtSa=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:56 GMT
X-OneAgent-JS-Injection: true
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1716107690"
Keep-Alive: timeout=60, max=96
Connection: close
Content-Type: application/json
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000251441675932af6e8bbf76c09b16e2a2d737e99f6af66e68a66ac4b4c48013c408fc79bd35113000517d73c5b6cbdf958263055440d7228ae7b5e706ce09c8e9b57ede2f262cc66fc5168ba1475943cfff7b6332c61becb4; Path=/
blogunisalute.it/wp-content/uploads/2024/04/criolipolisi.webp
185.19.185.51200 OK 168 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/04/criolipolisi.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 168 kB (167496 bytes)
Hash 16a34edb660617c138d879cd9fc606ea
2f229e910a6a7dd26ea5fc2e1eeda59d1747bccd
034aa99ad6bbcf20317ab7069856af97e6ea974ce44937b176c19fbcc3b9a73b
GET /wp-content/uploads/2024/04/criolipolisi.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 167496
last-modified: Wed, 24 Apr 2024 16:46:08 GMT
etag: "28e48-616da684bcfde"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
143.204.55.101200 OK 6.2 kB URL GET HTTP/2 widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b
IP 143.204.55.101:443
Certificate IssuerAmazon
Subject*.trustpilot.com
FingerprintAD:F5:82:99:EF:67:7C:57:24:13:51:2A:C5:F0:5A:35:24:D0:23:C2
ValidityWed, 03 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (6343), with no line terminators
Hash 5b0fbc66fe9c0179359c0fa11d720bcc
886f32a21f051568e8722c7034b7f7d7997b9d86
f8384cfb674af931601e7a98b93132e52d4c2e50204286d841e5a2c5864480ed
GET /trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5846a4f30000ff000598ae6b HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1930
last-modified: Mon, 08 May 2023 11:42:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Wed, 08 May 2024 01:31:59 GMT
cache-control: max-age=86400
etag: "1b1a56d9c9fcf8acab07f238231461df"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W0DoS-031TL9spc3MDAvNE_5Ks3dTfgSSVpl3DOI_L82rTX56VrG9g==
age: 75358
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Medium.woff2
81.117.60.163200 OK 87 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Medium.woff2
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 87040, version 7.14548
Hash 4dd8a4fcba34eb94ee58472f8e3e5312
ed7f1fd4369906eb2f0b649a5025bb0a48903df4
f8c1310c6b5351bef1ed7a6d0ff52aba46264a4c42f5346e1d0a1fe6e189e1c4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Medium.woff2 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/fonts.min.css?v=20230925
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200016635fc1326cf2367c16e3e3e88de34dc062b227901fa0ce20e81429c9144ba5084e9c175b1130001dc86353c12d9ded0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: ii5GaWFmf-_XbUwRC09ivQ
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:40 GMT
Cache-Control: public, max-age=31556925
ETag: "1696942526:dtagent102872403251031080DU9:dtagent102872403251031080DU9"
Last-Modified: Tue, 10 Oct 2023 12:55:24 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/fonts/Montserrat-Medium.woff2
Content-Length: 87040
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-42949639"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: application/octet-stream
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab2000dfb483c3587bc047f4c4a39f95cbfe1bb36bdaf0e688c3d579b5a6e4a6e10a2508a2ae2442113000a2ca43c219e249d80ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/tablet.min.css?v=20230925
81.117.60.163200 OK 48 kB URL GET HTTP/1.1 81.117.60.163/contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/tablet.min.css?v=20230925
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type ASCII text, with very long lines (48094), with no line terminators
Hash d84fac5adc2e85e477e3805134a8ecbd
dee10841c497438220c8a80e424537d765b9eb72
dea14ca176c0ae7919f5b22295f99b46c858fa52cf95dc2110f51813db1c283f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/tablet.min.css?v=20230925 HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab200071245b2fdba46780989b314d16eede73cde4107aae15bde530d49de25565815f08e25781d71130009ee6c186d309c1a17891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:54 GMT
X-OneAgent-JS-Injection: true
Accept-Ranges: bytes
X-Request-Digest: -nF2bXPPFK_PhHAQc8iXLw
X-DataSource-Digest: IRrY8ygKwtX4OyG05o7nuA
Expires: Fri, 09 May 2025 04:16:39 GMT
Cache-Control: public, max-age=31556925
Last-Modified: Tue, 10 Oct 2023 12:55:26 GMT
Content-Location: /contenthandler/!ut/p/digest!IRrY8ygKwtX4OyG05o7nuA/war/UniSaluteThemeStatic/themes/WoodburnStudio/customTheme/css/tablet.min.css
Vary: Accept-Encoding
Content-Encoding: gzip
Server-Timing: dtSInfo;desc="0", dtRpid;desc="875755874"
Keep-Alive: timeout=60, max=100
Connection: close
Content-Type: text/css
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20000be0867ae298c772f3ccda076b8d999698876f9d3290b93af3204c1f79c0125808e257cb29113000f918ddcc053d31b07891562daa35c12a4310f6bd7ae370210d20bb63b38a08a4f7e137ebb08c94e052072337803245c5; Path=/
81.117.60.163/wcm/connect/7935cdc1-e00d-430c-a451-ae8156c8c504/perche+sceglierci_1.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7935cdc1-e00d-430c-a451-ae8156c8c504-oHgVUzw
81.117.60.163200 OK 253 kB URL GET HTTP/1.1 81.117.60.163/wcm/connect/7935cdc1-e00d-430c-a451-ae8156c8c504/perche+sceglierci_1.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7935cdc1-e00d-430c-a451-ae8156c8c504-oHgVUzw
IP 81.117.60.163:443
Certificate IssuerDigiCert Inc
Subjectwww.unisalute.it
FingerprintC3:7F:EC:5C:7E:22:86:56:C0:D8:0E:C0:DC:B9:AE:FF:79:65:6D:4D
ValidityMon, 19 Feb 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 25.0 (Macintosh), datetime=2023:09:26 11:28:47], progressive, precision 8, 900x598, components 3
Size 253 kB (253022 bytes)
Hash 333864c9b647a282c13d3c30103ac0fc
7b016bfcbf96ab445c800d26b66b651fe6785b63
e53ff16811d5922a9e09c9a90f1c4aadfe496aecff1256936cbb680ce0c99d83
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wcm/connect/7935cdc1-e00d-430c-a451-ae8156c8c504/perche+sceglierci_1.jpg?MOD=AJPERES&CACHEID=ROOTWORKSPACE-7935cdc1-e00d-430c-a451-ae8156c8c504-oHgVUzw HTTP/1.1
Host: 81.117.60.163
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Cookie: dtCookie=v_4_srv_3_sn_18A95CDA4773362F1FB22FEA58D94055_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1; DigestTracker=AAABj1pR_kI; TS01f80d5e=01de53d37e38e6be9f1144741f7bbcdb9259cd3f27d7bcd7a29f047908ecefac1c40b11c1eaf06cbc26d724ce381197b3f96615ee47af2ee865402beb99182bdca28f1c50c; TS01b54431=01de53d37ea8f539f99a720c225ae7ef4c845a324fd7bcd7a29f047908ecefac1c40b11c1ead6ea18af0b9d1c3954f6e8bdff1fe0173243139b7d3222f672472e1b3853533; TSa871e10f027=0859b2a892ab2000adf3088d5dc2eb6a1909a9d9aa2651d9b600c828e64abb7051892b09aefc107808f51d7c8d113000c8919f416b52b5f70ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; rxVisitor=1715207274799FBOPAQN3JP71DF7A12O8R7JKKMLNDVG4; dtPC=407274793_883h1vALCSKUHPFGHPEUUNOGPVCAPFELNBKPFN-0e0; rxvt=1715209074809|1715207274800; dtSa=-
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 22:27:55 GMT
X-OneAgent-JS-Injection: true
Expires: Wed, 08 May 2024 22:37:55 GMT
Accept-Ranges: bytes
Cache-Control: public,max-age=600,post-check=300,pre-check=600
ETag: "1722738520"
Content-Length: 253022
Server-Timing: dtSInfo;desc="0", dtRpid;desc="128801514"
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
Content-Language: en-US
Set-Cookie: TSa871e10f027=0859b2a892ab20008ce4aa25572e10dbffa2664378a21b4a88182b42a953c75d4370ab2e2173458108026d991711300080b864026cf5aa3b0ee1f3743941d229adc53a2fd1e4aa8181fb1c2ecf31249c551b3c2162ea70e607c56f0ed3996731; Path=/
tags.tiqcdn.com/utag/unisalute/main/prod/utag.1.js?utv=ut4.48.202404290826
54.230.111.11200 OK 72 kB URL GET HTTP/2 tags.tiqcdn.com/utag/unisalute/main/prod/utag.1.js?utv=ut4.48.202404290826
IP 54.230.111.11:443
Certificate IssuerAmazon
Subjecttags.tiqcdn.com
FingerprintC9:35:85:08:90:40:E2:F4:B8:03:14:E3:5B:04:8F:D9:EB:BD:35:61
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (15589)
Hash 39c520fa11938054182f9653ab2f1867
ead3c4449310ef790597e4dc1de934df68faea13
d236c9e24252eb8b36bc45e082bcddddec181eae682270b1a4c5f86c0ff715a3
GET /utag/unisalute/main/prod/utag.1.js?utv=ut4.48.202404290826 HTTP/1.1
Host: tags.tiqcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 08 May 2024 12:44:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: gVfNmJZuRoEvdn8cn9uEhpbgzJeHHj58
server: AmazonS3
content-encoding: br
date: Wed, 08 May 2024 22:23:43 GMT
etag: W/"39c520fa11938054182f9653ab2f1867"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xG-gn-8gf5nk6c3_GeAPSL231WY9-vvMW0e6rdkwHdcGy82QJI5ryQ==
age: 254
cache-control: max-age=1296000
X-Firefox-Spdy: h2
blogunisalute.it/wp-content/uploads/2024/05/farmaci-e-succo-di-frutta.webp
185.19.185.51200 OK 130 kB URL GET HTTP/2 blogunisalute.it/wp-content/uploads/2024/05/farmaci-e-succo-di-frutta.webp
IP 185.19.185.51:443
Certificate IssuerLet's Encrypt
Subjectblogunisalute.it
FingerprintD6:7B:7F:0D:D8:C3:E4:E9:09:11:2F:55:C2:6C:5E:CD:5F:E9:23:31
ValidityMon, 06 May 2024 21:00:23 GMT - Sun, 04 Aug 2024 21:00:22 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1000x667, Scaling: [none]x[none], YUV color, decoders should clamp
Size 130 kB (129752 bytes)
Hash 35233091aabb49dd5bcddcac57b1568e
a6593aa37ffd94fc62d63dbb970d9ab667b33e79
05c4eafdfbd9a6737219fbdca2662933302f346060bc0619976a77cf810a2854
GET /wp-content/uploads/2024/05/farmaci-e-succo-di-frutta.webp HTTP/1.1
Host: blogunisalute.it
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://81.117.60.163/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:27:56 GMT
content-length: 129752
last-modified: Wed, 01 May 2024 17:45:35 GMT
etag: "1fad8-617680dc719a2"
content-security-policy: default-src 'self' 'unsafe-inline'; frame-ancestors 'self'; img-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval' blob:; font-src *; style-src https: 'unsafe-inline'; frame-src 'self' https: platform.twitter.com www.google.com www.youtube.com; connect-src *;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2